Introducing security for AI coding agents and workstations

Product

Platform

Platform Overview

Developer Tools

FREE

Languages & Integrations

Use cases

AI Governance

AI Code

Open Source

SCA With Reachability

Malicious Package Detection

Package Firewall

Upgrade Impact Analysis

Container

Bricks, Blocks, and Big Ideas: A LEGO Workshop with Tyler Clites

Date

Tuesday, April 29, 2025

Time

6:00 — 9:00 PM

Event Type

In person

Location

TRACE Restaurant, W Hotel

181 3rd St, San Francisco, CA 94105

Save My Spot

Calling all AppSec professionals—take a break from securing your code to flex your creative muscles in this one-of-a-kind LEGO workshop! Bricks, Blocks, and Big Ideas offers an opportunity to approach problem-solving and innovation from a fresh perspective. Join LEGO master builder Tyler Clites for an interactive session designed to spark your creativity and teamwork, all while building something truly unique.

This session isn’t just about building with LEGO—it’s about building connections with your peers, sharpening your creative problem-solving skills, and taking a break from the conference while having fun.Join us on Tuesday, April 29, and let your creativity flow. Don’t miss your chance to be part of this fun and inspiring experience at RSAC!

Contents

Want to stay in the loop?

Welcome to the resistance

Oops! Something went wrong while submitting the form.

Claude Fable 5: Mythos-grade hype, record cheating, and a few hall-of-fame entries

Average results with 59.8% on functional solves and just 19.0% on security solves

Recall, not reasoning: how AI coding agents cheat security benchmarks

Endor Labs + Cursor: Building the security foundation for agentic coding

Introducing Full Stack Reachability: Container Scanning That Actually Reduces Noise

Cut container vulnerability noise by up to 90% with full-stack reachability analysis spanning application and container image OS layers.

Classic Vulnerabilities Meet AI Infrastructure: Why MCP Needs AppSec

MCP servers inherit classical vulnerabilities like command injection, path traversal, and SSRF. Here's why LLMs and MCP deserve the same security practices as traditional applications.

How Fake Font Packages Abused npm as a CDN

101 packages disguised as font files distributed 34 TiB of data via npm's infrastructure—with a total of 4.3 PiB transferred via downloads.

Company

Home Pricing Contact Us About Careers

LEARN

Blog Documentation eBook / Reports Events LeanAppSec Solution Brief Video

Tools

Risk Explorer

Why Us?

vs Snyk vs Semgrep vs Socket vs Traditional SCA vs Runtime SCA

Products

Use Cases

AI Apps AI Apps

AI Code Governance AI Code Governance

AI Static Application Security Testing (SAST)AI Static Application Security Testing (SAST)

Artifact Signing Artifact Signing

Bazel Monorepos Bazel Monorepos

CI/CD Discovery CI/CD Discovery

Code Scanning Code Scanning

Compliance & SBOM Compliance & SBOM

Container Scanning Container Scanning

Cyber Resilience Act Cyber Resilience Act

Digital Operational Resilience Act (DORA)Digital Operational Resilience Act (DORA)

FedRAMP FedRAMP

GitHub Actions GitHub Actions

ISO 42001 ISO 42001

Malicious Package Detection Malicious Package Detection

PCI DSS PCI DSS

RSPM RSPM

SBOM Ingestion SBOM Ingestion

SCA with Reachability SCA with Reachability

Secrets Detection Secrets Detection

SOC 2 SOC 2

Upgrades & Remediation Upgrades & Remediation

Integrations

Endor Labs with GitHub Advanced Security

IDE

Microsoft Defender for Cloud

PHP

Legal and Privacy Trust and Security

All names, logos, and brands of third parties listed on our site are trademarks of their respective owners. Endor Labs and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.