Introducing AURI, security intelligence for AI coding agents

Product

Platform

Platform Overview

Developer Tools

Languages & Integrations

Use cases

Code

AI Security Code Review

Secrets Detection

Open Source

Reachability-based SCA

Upgrade Impact Analysis

Malicious Package Detection

AI Model Governance

SBOM & Compliance

Security Patches

Container

Container Security

Artifact Signing

Learn

Resources

Customer Stories

Ebooks & Reports

Tools

Code Prompt Library

Featured resources

State of Dependency Management 2025

3D render of a book titled '2023 Dependency Management Report' by Endor Labs with icons and author photos on the cover.

Code Prompt Library

Dark green square with rounded corners featuring a coding symbol consisting of less-than and greater-than signs with a slash.

Artifact Signing

SCA for Python and AI Apps

Company

About

Customer Stories

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

See How It Works in Action

Introducing AURI, security intelligence for AI coding agents

Product

Platform

Platform Overview

Developer Tools

Languages & Integrations

Use cases

Code

AI Security Code Review

Secrets Detection

Open Source

Reachability-based SCA

Upgrade Impact Analysis

Malicious Package Detection

AI Model Governance

SBOM & Compliance

Security Patches

Container

Container Security

Artifact Signing

Learn

Resources

Customer Stories

Ebooks & Reports

Tools

Code Prompt Library

Featured resources

State of Dependency Management 2025

3D render of a book titled '2023 Dependency Management Report' by Endor Labs with icons and author photos on the cover.

Code Prompt Library

Dark green square with rounded corners featuring a coding symbol consisting of less-than and greater-than signs with a slash.

Artifact Signing

SCA for Python and AI Apps

Company

About

Customer Stories

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

See How It Works in Action

Learn

Learn about software supply chain security and Endor Labs.

Featured resources

How the EU Cyber Resilience Act (CRA) rewrites the rules of software liability

Blog

How the EU Cyber Resilience Act (CRA) rewrites the rules of software liability

Mar 13, 2026

Introducing AURI: Security Intelligence for AI Coding Agents and Developers

Blog

Introducing AURI: Security Intelligence for AI Coding Agents and Developers

Mar 3, 2026

How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities

Blog

How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities

Feb 18, 2026

Introducing Full Stack Reachability: Container Scanning That Actually Reduces Noise

Blog

Introducing Full Stack Reachability: Container Scanning That Actually Reduces Noise

Feb 11, 2026

Topic

AI/ML

CI/CD

Compliance & SBOM

DevSecOps Tools

Developer Productivity

First Party Code

Malware

News

Open Source

Opinion

SCA

Security

Tech

Medium

Blog

Customer Story

Ebook/Report

Solution Brief

Video

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Malware

Malicious 'Pyronut' Package Backdoors Telegram Bots with Remote Code Execution

Blog

Malicious 'Pyronut' Package Backdoors Telegram Bots with Remote Code Execution

Mar 18, 2026

Security

Malware

Blog

npm is serving malware to 134,000 developers, and the maintainer can’t stop it

Mar 18, 2026

News

Endor Labs + Zscaler: Zero Trust Application Security for the AI Era

Blog

Endor Labs + Zscaler: Zero Trust Application Security for the AI Era

Mar 17, 2026

Opinion

Compliance & SBOM

How the EU Cyber Resilience Act (CRA) rewrites the rules of software liability

Blog

How the EU Cyber Resilience Act (CRA) rewrites the rules of software liability

Mar 13, 2026

Security

Malware

Blog

The Return of PhantomRaven: Detecting Three New Waves of npm Supply Chain Attacks

Mar 10, 2026

AI/ML

News

Intelligence and governance in the software supply chain with Endor Labs and Cloudsmith

Blog

Intelligence and governance in the software supply chain with Endor Labs and Cloudsmith

Mar 10, 2026

AI/ML

News

Introducing AURI: Security Intelligence for AI Coding Agents and Developers

Blog

Introducing AURI: Security Intelligence for AI Coding Agents and Developers

Mar 3, 2026

Security

News

Open Source

Blog

Remote Code Execution (RCE) in Ghost CMS (CVE-2026-29053): A Transitive Dependency Wreaks Havoc

Mar 2, 2026

Compliance & SBOM

EU Cyber Resilience Act

Ebook/Report

EU Cyber Resilience Act

Feb 27, 2026

Security

Open Source

Blog

CVE-2026-27959: Userinfo Host Header Injection in Koa

Feb 25, 2026

Opinion

Anthropic just validated that AppSec is the biggest opportunity in cybersecurity

Blog

Anthropic just validated that AppSec is the biggest opportunity in cybersecurity

Feb 24, 2026

Malware

Security

Blog

SANDWORM_MODE: Dissecting a Multi-Stage npm Supply Chain Attack

Feb 23, 2026

Security

Open Source

Blog

CVE-2026-25896: Entity Encoding Bypass in fast-xml-parser

Feb 21, 2026

Security

Open Source

AI SAST Finding: Path Traversal in OpenClaw via LLM Guardrail Bypass

Blog

AI SAST Finding: Path Traversal in OpenClaw via LLM Guardrail Bypass

Feb 19, 2026

Malware

Security

Open Source

Supply Chain Attack targeting Cline installs OpenClaw

Blog

Supply Chain Attack targeting Cline installs OpenClaw

Feb 18, 2026

Security

Open Source

How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities

Blog

How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities

Feb 18, 2026

Security

The Missing Layer: Why Container OS Libraries Need Reachability Analysis

Blog

The Missing Layer: Why Container OS Libraries Need Reachability Analysis

Feb 13, 2026

No items found.

Introducing Full Stack Reachability: Container Scanning That Actually Reduces Noise

Blog

Introducing Full Stack Reachability: Container Scanning That Actually Reduces Noise

Feb 11, 2026

No items found.

AI SAST in Action: Finding Real Vulnerabilities in OpenClaw

Blog

AI SAST in Action: Finding Real Vulnerabilities in OpenClaw

Feb 10, 2026

No items found.

Context Engineering for Application Security Whitepaper

Ebook/Report

Context Engineering for Application Security

Feb 10, 2026

AI/ML

First Party Code

Design Flaws in AI Generated Code

Blog

Design Flaws in AI Generated Code

Feb 9, 2026

...

1 / 15

Want to stay in the loop?

Sign up for our newsletter.

Email

Welcome to the resistance

Oops! Something went wrong while submitting the form.

Home Pricing Contact Us

Company

LEARN

Blog Documentation eBook / Reports Events LeanAppSec Solution Brief Video

Tools

TEI Calculator Risk Explorer

Why Us?

vs. Snyk vs. Semgrep vs. Socket vs. Traditional SCA vs. Runtime SCA

Products

Endor Labs Supply Chain

Endor Open Source

Use Cases

Secrets Detection Secrets Detection

AI Static Application Security Testing (SAST)AI Static Application Security Testing (SAST)

Malicious Package Detection Malicious Package Detection

Code Scanning Code Scanning

AI Code Governance AI Code Governance

Upgrades & Remediation Upgrades & Remediation

SBOM Ingestion SBOM Ingestion

AI Apps AI Apps

Bazel Monorepos Bazel Monorepos

Digital Operational Resilience Act (DORA)Digital Operational Resilience Act (DORA)

PCI DSS PCI DSS

Container Scanning Container Scanning

GitHub Actions GitHub Actions

CI/CD Discovery CI/CD Discovery

Artifact Signing Artifact Signing

Compliance & SBOM Compliance & SBOM

SCA with Reachability SCA with Reachability

Integrations

VS Code / GitHub Copilot VS Code / GitHub Copilot

Microsoft Defender for Cloud Microsoft Defender for Cloud

Bitbucket Bitbucket

.NET (C#).NET (C#)

TypeScript TypeScript

JavaScript JavaScript

Jenkins Jenkins

CircleCI CircleCI

© 2026 Endor Labs. All rights reserved.

Legal and Privacy Trust and Security

All names, logos, and brands of third parties listed on our site are trademarks of their respective owners. Endor Labs and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.