If a package installed despite your block rules, one of the following is usually the cause.
Not sure if Device Protection is active on the device? Test it first.
Device Protection inspects network traffic to package registries. If a package is already in the local package manager cache, the install resolves from cache without a network call, and the agent never sees it.
This applies to packages cached before Device Protection was deployed, and packages cached by any previous successful install.
Fix: clear the package manager cache, or force a fresh download.
pip
~/.cache/pip
pip install <package> --no-cache-dir
npm
~/.npm/_cacache
npm cache clean --force
yarn
~/.cache/yarn
yarn cache clean
We recommend clearing caches on every device after rolling out Device Protection.
Device Protection only intercepts supported package ecosystems. Installs from other sources pass through unchanged.
Check the supported ecosystems list to confirm.
If the agent is stopped or has not synced recently, it cannot enforce policy.
Check the agent status on the device, and confirm the last heartbeat in the Aikido dashboard.
New rules and exceptions reach the device on the next sync. If you just changed a policy, wait for the next heartbeat (every 10 minutes) or trigger a manual sync.
Device Protection does not currently support Docker or Podman on macOS. Installs inside those containers are not inspected.
Contact support and include your Device Protection Information for Support.
Last updated
Was this helpful?
Was this helpful?
