Introducing AURI, security intelligence for AI coding agents

Product

Platform

Platform Overview

Developer Tools

Languages & Integrations

Use cases

Code

AI SAST

AI Security Code Review

Secrets Detection

Open Source

Reachability-based SCA

Upgrade Impact Analysis

Malicious Package Detection

Container

Learn

Resources

Tools

Featured resources

State of Dependency Management 2025

3D render of a book titled '2023 Dependency Management Report' by Endor Labs with icons and author photos on the cover.

Code Prompt Library

Dark green square with rounded corners featuring a coding symbol consisting of less-than and greater-than signs with a slash.

Artifact Signing

SCA for Bazel

SCA for Python and AI Apps

Research

Company

About

Achievements

Intellyx Digital Innovation Award

See How It Works in Action

In person

Meet Endor Labs at FS-ISAC America's Spring Summit

Name: Meet Endor Labs at FS-ISAC America's Spring Summit
Start: Mar 03, 2024
Location: North America

San Diego, California

Meet with our executive team to learn more about:

Open source security for Python and AI apps
Reducing SCA alerts by 80% with reachability analysis
Managing and analyzing SBOM/VEX
Building policy engines to break fewer builds

Catch our talk about how to mitigate the Top 10 OSS Risks with Endor Labs on March 5th, 4:15pm!

Want to book some time with the Endor Labs team? Use the form below!

Date

March 3, 2024

Time

Location

North America

→

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Speakers

No items found.

Event Overview

Speakers

No items found.

Schedule

No items found.

Want to stay in the loop?

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

AURI: Security Intelligence for Agentic Software Development

AI agents have transformed how software gets built, but they’re introducing risk at a scale humans can’t review. This solution brief shows how AURI by Endor Labs embeds security directly into developer workflows, combining agentic reasoning with deterministic program analysis to enable teams to code without compromise.

Malicious 'Pyronut' Package Backdoors Telegram Bots with Remote Code Execution

The malicious Python package pyronut copies the entire project description and code of the popular pyrogram Telegram framework to pass itself off as the real thing, while silently installing a runtime backdoor that grants the attacker arbitrary Python and shell command execution on every victim's machine.

npm is serving malware to 134,000 developers, and the maintainer can’t stop it

The Glassworm threat attacker took over the npm account of a maintainer

Home Pricing Contact Us

Company

About Careers

LEARN

Blog Documentation eBook / Reports Events LeanAppSec Solution Brief Video

Tools

TEI Calculator Risk Explorer

Why Us?

vs. Snyk vs. Semgrep vs. Socket vs. Traditional SCA vs. Runtime SCA

Product

Products

Endor Labs Supply Chain

Endor Open Source

Endor CI/CD

Endor SBOM Hub

Use Cases

Secrets Detection Secrets Detection

AI Static Application Security Testing (SAST)AI Static Application Security Testing (SAST)

Malicious Package Detection Malicious Package Detection

Code Scanning Code Scanning

AI Code Governance AI Code Governance

Upgrades & Remediation Upgrades & Remediation

SBOM Ingestion SBOM Ingestion

AI Apps AI Apps

Bazel Monorepos Bazel Monorepos

Digital Operational Resilience Act (DORA)Digital Operational Resilience Act (DORA)

PCI DSS PCI DSS

Container Scanning Container Scanning

RSPM RSPM

GitHub Actions GitHub Actions

CI/CD Discovery CI/CD Discovery

Artifact Signing Artifact Signing

Compliance & SBOM Compliance & SBOM

SCA with Reachability SCA with Reachability

Integrations

Gemini Gemini

VS Code / GitHub Copilot VS Code / GitHub Copilot

Cursor Cursor

C/C++C/C++

Microsoft Defender for Cloud Microsoft Defender for Cloud

TypeScript TypeScript

JavaScript JavaScript

Legal and Privacy Trust and Security

All names, logos, and brands of third parties listed on our site are trademarks of their respective owners. Endor Labs and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.