PALO ALTO, CA – July 12, 2023 – Endor Labs, creator of the Code Governance Platform, has been recognized by Gartner as a Cool Vendor in Platform Engineering for Scaling Application Security Practices. We believe that this recognition highlights Endor Labs' commitment to providing cutting-edge solutions that address the challenges faced by platform engineering and DevSecOps teams in meeting application security needs.
The full report, which can be accessed here (for Gartner subscribers), reveals that “Platform teams find it difficult to meet application security needs without hampering the developer experience. The fragmented DevSecOps toolchain poses challenges in enforcing consistent security policies and shipping software that is ‘secure by default.’ The increased risk of software supply chain attacks further emphasizes the need for engineering teams to ensure the integrity, provenance, and traceability of build artifacts.”
We feel our recognition as a Cool Vendor validates our innovative approach to give DevSecOps teams the context they need to prioritize open source risk, secure CI/CD pipelines, and meet compliance objectives like SBOMs.
The report states that: “Scaling DevSecOps practices across product teams is critical but difficult to achieve. Software engineering leaders leading platform teams should assess the cool vendors in this research and integrate their solutions as part of internal developer platforms to deliver secure software at scale.”
This is a pivotal time in the evolution of Application Security and of the relationships between engineering and security teams. As the report states, “By 2026, 70% of platform teams will integrate application security tools as part of internal developer platforms to scale DevSecOps practices, up from 20% in 2023.”
"We are happy to receive this recognition from Gartner. It reinforces our confidence in what we feel is a revolutionary approach to secure software supply chains, and enhance developer productivity," said Varun Badhwar, co-founder and CEO of Endor Labs. "We believe effective open source risk management requires a comprehensive lifecycle transformation, rather than an endless barrage of alerts. Our platform provides the necessary context for security and development teams to prioritize open source risk throughout the software development lifecycle."
Gartner, Cool Vendors in Platform Engineering for Scaling Application Security Practices, By Manjunath Bhat, Aaron Lord, Nitish Tyagi, Published 6 July 2023. GARTNER and COOL VENDORS are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Endor Labs
Endor Labs helps developers and security teams spend less time dealing with security issues and more time accelerating development through safe Open Source Software (OSS) adoption. Our Code Governance Platform helps organizations prioritize risk across open source software and CI/CD pipelines, and meet compliance objectives such as SBOMs. The Endor Labs engineering team includes some of the world’s leading static analysis experts, including 7 PhDs and senior engineers from Meta, Uber, Amazon, and Microsoft. Endor Labs was founded by industry veterans Varun Badhwar and Dimitri Stiliadis, and is backed by Lightspeed & Dell Technologies Capital, as well as executives at companies like Palo Alto Networks, Zscaler, Zoom, Google, and more.