Scoped-namespace enforcement, internal-package signature verification, registry-priority pinning, and live alerts when a public package matches the name of one of your private artefacts. The 2021 Birsan-class attack pattern, neutralised.
When your internal `acme-utils` package shares a name with a public package on the same registry, default resolution rules in most package managers prefer the higher version. An attacker publishes 99.99.99 and your CI pulls it on the next build.
Mitigation requires four pieces wired together: scoped namespaces so private and public cannot collide; signed internal artefacts so authenticity is checkable; registry priority that the build environment respects; and live monitoring for the case where a public squat appears anyway.
Most organisations ship one or two of the four. The platform wires all four together against your tenant's internal-package catalogue so the attack class is closed end-to-end.
Most package managers do not gate on registry origin. An attacker publishing version 99.99.99 of an internal name on the public registry wins resolution by default.
An internal package called `acme-utils` collides with anything anyone publishes publicly under the same name. The collision space is a global namespace that any attacker can probe.
Without signed internal artefacts, the build cannot tell a legitimate internal release from a same-named public squat. Authenticity reduces to vendor trust.
Organisations rarely monitor the public registry for new packages matching their internal names. The first time anyone notices is when the build pulls the squat.
The platform inventories every internal package across npm scopes, pypi private indexes, maven group IDs, and equivalent constructs; PRs that introduce unscoped internal names are blocked at the gate.
Internal releases are signed via sigstore during the build-provenance pass; consumers verify the signature before install. Same-named unsigned artefacts fail the verification check.
The Safeguard scanner-suite inspects every lockfile and resolver config to confirm internal-first resolution for in-scope names; misconfigured resolvers raise a PR fix.
Every internal package name is watched on the corresponding public registry; new same-named publishes trigger an alert in under 5 minutes plus a registry-abuse takedown thread.
Every private artefact across the org enumerated from internal registries and tenant SBOMs.
Unscoped names get a draft migration PR — new scope, redirect shim for downstream consumers.
Existing internal releases re-published with sigstore signatures; new releases gated on signature presence.
Lockfiles and resolver settings scanned across the org; misconfigured priorities open a PR fix.
Every internal name registered with the watcher; hourly sweep of corresponding public registries.
New same-named publish triggers tenant alert, registry-abuse report, and tenant-mirror blackhole within minutes.
Combine with SBOM Studio for the artefact graph, scanner-suite for resolver auditing, and the build-provenance pipeline for signing.
Connect your internal registry and we'll produce a confusion-exposure map plus a migration plan within the week.