Platform

Shift Left AppSec Platform

Unify security scanners in one platform that cuts through noise.

Fix what’s easy, patch what's hard, and avoid breaking changes.

AI Code Security

Prepare for AI adoption and increase AppSec productivity.

Ecosystem

Languages & Integrations

Microsoft Defender for Cloud

GitHub Advanced Security

Use Cases

Reachability & Remediation Based SCA

AI Security Code Review

OSS Security Patches

Malware Package Detection

Container Scanning

Learn

Learn by Topic

Compliance & SBOM

Developer Productivity

First Party Code

Learn by Category

Featured resources

Code Prompt Library

Artifact Signing

SCA for Python and AI Apps

Tools

Code Prompt Library

Company

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

Recent resources

How to Defend Against NPM Software Supply Chain Attacks

npm Malware Outbreak: Tinycolor and CrowdStrike Packages Compromised

Endor Labs Drives 225% Revenue Growth, Pioneers the Future of Secure SDLC

Platform

Shift Left AppSec Platform

Unify security scanners in one platform that cuts through noise.

Fix what’s easy, patch what's hard, and avoid breaking changes.

AI Code Security

Prepare for AI adoption and increase AppSec productivity.

Ecosystem

Languages & Integrations

Microsoft Defender for Cloud

GitHub Advanced Security

Use Cases

Reachability & Remediation Based SCA

AI Security Code Review

OSS Security Patches

Malware Package Detection

Container Scanning

Learn

Learn by Topic

Compliance & SBOM

Developer Productivity

First Party Code

Learn by Category

Featured resources

Code Prompt Library

Artifact Signing

SCA for Python and AI Apps

Tools

Code Prompt Library

Company

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

Recent resources

How to Defend Against NPM Software Supply Chain Attacks

npm Malware Outbreak: Tinycolor and CrowdStrike Packages Compromised

Endor Labs Drives 225% Revenue Growth, Pioneers the Future of Secure SDLC

Learn

Learn about software supply chain security and Endor Labs.

Featured resources

A virus-like npm malware attack has spread to 180+ packages so far, including CrowdStrike and Tinycolor.

Blog

npm Malware Outbreak: Tinycolor and CrowdStrike Packages Compromised

Sep 16, 2025

AI Security Code Review: A Multi-Agent Approach for Detecting Security Design Flaws at Scale

Ebook/Report

AI Security Code Review: A Multi-Agent Approach for Detecting Security Design Flaws at Scale

Apr 23, 2025

Introducing the Endor Labs MCP Server: fix-first security for the vibe coding era

Blog

Introducing the Endor Labs MCP Server: fix-first security for the vibe coding era

Apr 23, 2025

Introducing AI Security Code Review

Blog

Introducing AI Security Code Review

Apr 23, 2025

Topic

AI/ML

CI/CD

Compliance & SBOM

Developer Productivity

First Party Code

Malware

News

Open Source

Opinion

SCA

Security

Tech

Medium

Blog

Customer Story

Ebook/Report

Solution Brief

Video

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Security

Developer Productivity

The AppSec Maturity Staircase: Climbing Faster, Not Harder with Endor Labs

Blog

The AppSec Maturity Staircase: Climbing Faster, Not Harder with Endor Labs

Feb 11, 2025

SCA

Security

Developer Productivity

How to Get Developers to Accept Security PRs Faster

Blog

How to Get Developers to Accept Security PRs Faster

Feb 4, 2025

AI/ML

Open Source

Security

deepseek-r1-what-security-teams-need-to-know

Blog

DeepSeek R1: What Security Teams Need to Know

Jan 29, 2025

AI/ML

SCA

Open Source

How to Discover Open Source AI Models in Your Code

Blog

How to Discover Open Source AI Models in Your Code

Jan 28, 2025

SCA

Open Source

Security

Remote Code Execution Vulnerabilities in Apache Struts

Blog

Remote Code Execution Vulnerabilities in Apache Struts

Jan 24, 2025

Open Source

First Party Code

Everything You Need to Know About Opengrep

Blog

Everything You Need to Know About Opengrep

Jan 23, 2025

SCA

Security

Blog

Uncover Trends and Show AppSec Value with the Endor Labs Dashboard

Jan 21, 2025

Compliance & SBOM

SCA

Security

Blog

Identifying and Tracking FedRAMP False Positives

Jan 14, 2025

Developer Productivity

Open Source

SCA

Security

Blog

How Endor Labs Prioritizes Open Source Security Patches

Jan 7, 2025

Open Source

SCA

Security

Why Reachability Analysis for JavaScript Is Hard (and How We Fixed It)

Blog

Why Reachability Analysis for JavaScript Is Hard (and How We Fixed It)

Dec 17, 2024

Security

Developer Productivity

Compliance & SBOM

Open Source

SCA

Endor Patches whitepaper

Ebook/Report

Endor Patches Whitepaper

Dec 16, 2024

Open Source

SCA

Security & Compliance

Tech

Grip Security Reduces Noise by 99%

Customer Story

Grip Security Reduces Noise by 99%

Dec 11, 2024

Developer Productivity

Open Source

Security

SCA

Grip Security Builds Customer Trust with AppSec

Blog

Under the Hood: Grip Security Builds Customer Trust with AppSec

Dec 11, 2024

SCA

Developer Productivity

Open Source

The Uncomfortable Truth of Vulnerable and Outdated Software Components

Blog

The Uncomfortable Truth of Vulnerable and Outdated Software Components

Dec 9, 2024

SCA

Open Source

Compliance & SBOM

Reduce FedRAMP Compliance Costs

Solution Brief

Reduce FedRAMP Compliance Costs

Dec 4, 2024

SCA

Security

Blog

Why OVAL Feeds Outperform NVD for Linux Vulnerability Management

Dec 3, 2024

SCA

Compliance & SBOM

Security

Blog

Achieving FedRAMP’s Container Scanning Requirements

Nov 27, 2024

Developer Productivity

Open Source

SCA

Blog

Breaking Changes, Breaking Trust

Nov 26, 2024

SCA

Open Source

Compliance & SBOM

Security

Reducing FedRAMP Compliance Costs with Endor Labs

Blog

Reducing FedRAMP Compliance Costs with Endor Labs

Nov 22, 2024

SCA

News

Security

Blog

Microsoft Defender for Cloud Natively Integrates with Endor Labs

Nov 19, 2024

AI/ML

Hugging Face Model Score Curation at Endor Labs

Blog

Hugging Face Model Score Curation at Endor Labs

Nov 11, 2024

...

4 / 12

Sorry, no results matching your search.

Want to stay in the loop?

Sign up for our newsletter.

Email

Welcome to the resistance

Oops! Something went wrong while submitting the form.

Home Pricing Contact Us

Company

LEARN

Blog Documentation eBook / Reports Events LeanAppSec Solution Brief Video

Tools

TEI Calculator Risk Explorer

Why Us?

vs. Snyk vs. Traditional SCA vs. Runtime SCA

Products

Endor Labs Supply Chain

Endor Open Source

Use Cases

Malware Package Detection Malware Package Detection

Code Scanning Code Scanning

SAST & Secret Detection SAST & Secret Detection

AI Code Governance AI Code Governance

Upgrades & Remediation Upgrades & Remediation

SBOM Ingestion SBOM Ingestion

AI Apps AI Apps

Bazel Monorepos Bazel Monorepos

Digital Operational Resilience Act (DORA)Digital Operational Resilience Act (DORA)

PCI DSS PCI DSS

Container Scanning Container Scanning

GitHub Actions GitHub Actions

CI/CD Discovery CI/CD Discovery

Artifact Signing Artifact Signing

Compliance & SBOM Compliance & SBOM

SCA with Reachability SCA with Reachability

Integrations

VS Code / GitHub Copilot VS Code / GitHub Copilot

Microsoft Defender for Cloud Microsoft Defender for Cloud

Bitbucket Bitbucket

.NET (C#).NET (C#)

TypeScript TypeScript

JavaScript JavaScript

Jenkins Jenkins

CircleCI CircleCI

© 2025 Endor Labs. All rights reserved.

Legal and Privacy Trust and Security

All names, logos, and brands of third parties listed on our site are trademarks of their respective owners. Endor Labs and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.