The Endor Labs Experience
Cursor (Anysphere)
Reachability is table stakes these days. That's why we switched to Endor recently which actually builds the entire call graph and is incremental. Its comments are informational so for level1 triage can be done by the devs. Moreover, now we can actually do SLA and ticketing which is always a struggle with os Trivy."
My team is responsible for remediating vulnerabilities. Endor helps us do it quickly so we can deliver the most secure AI product possible.”
One of the main reasons we increased investment in Endor Labs was the additional telemetry for fix requirements. It allows us to further prioritize work, for example we can schedule a larger fix with many breaking changes for a later sprint while getting the easier ones done quickly."
Endor Labs gives us the data to see what’s exploitable and needs to be fixed. We have tight remediation SLAs, as short as 24 hours, and Rubrik is consistently hitting them because we don’t have to argue over whether a finding is real.”
As much as we’d like to believe that fixing is always safe, we can’t afford to bring instability into the system. Endor Labs helped us build a scalable remediation workflow that reduces risk of breaking changes.”
With Endor Labs we know where to focus, while other tools tell us to focus everywhere. We’re feeding three birds at once, Endor Labs makes us more productive by telling us where to focus, it improves our security posture, and it’s meeting us where we work."
Endor Labs has left me with the impression that they will do what it takes to see their customers succeed. For software composition and reachabiity analysis, it was difficult to find a competing product in the current market that is as fully featured as their platform."
Traditional SCA tools drown developers in false positives. Endor Labs surfaces risks that actually matter, freeing up AppSec and engineering teams to focus on providing value to our customers."
