PALO ALTO, Calif. – (September 9, 2025) – Endor Labs, the fastest growing company in application security, today announced its biggest quarter to date, driven by unprecedented demand for application security amidst AI adoption. Leading companies, including Atlassian, Anywhere (makers of Cursor), and Glean, have turned to Endor Labs for its precision analysis, evidence-based remediation, and developer-first experience. With 225% year-over-year revenue growth, Endor Labs is becoming the new standard for secure development in the AI era. 

Endor Labs’ industry-leading platform is trusted to protect 7.4 million applications, up from 5 million in April, for major industry players, like OpenAI, Robinhood, Rubrik, and Dropbox. As AI-generated code becomes more autonomous and these innovations accelerate product cycles, companies can no longer rely on legacy systems for risk mitigation. Which is why Endor Labs provides developers with trusted and verifiable risk reduction, scanning 1.6M pull requests monthly for customers, all without slowing down engineering velocity.

Endor Labs goes beyond reviewing code and identifying vulnerabilities, proactively recommending precise fixes backed by evidence developers trust. By combining deep code visibility, proprietary vulnerability data, a multi-agent architecture, and integrations across the AI-native SDLC, Endor Labs reduces noise by an average of 92% to help engineers pinpoint exactly how a vulnerability can be exploited, the impact it will have, and the effort needed to address it. 

“The recent npm breach was yet another warning to those developing and securing the software supply chain: with the speed and scale of AI, exploits happen faster than you can react with a blast radius larger than you can imagine,” said Varun Badhwar, CEO of Endor Labs. “Even the best developers can’t audit every dependency, nor can the best security teams sift through the deluge of noise. To solve for this systematic fragility, Endor Labs unites security, development, and leadership, ensuring our customers aren’t just keeping up, they’re setting the pace.”

Atlassian, a global leader in team collaboration software, joined Endor Labs’ roster of new customers in Q2. Replacing a long-time vendor, Atlassian selected Endor Labs for its modern, proactive security approach, designed to address emerging AI threats and vulnerabilities. 

“As AI transforms the pace and complexity of software development, the need for proactive, developer-friendly security solutions has never been greater,” said Mark Turner, Head of Product Security at Atlassian. “We’re excited to partner with Endor Labs as we continue to strengthen our security posture in this AI era. Their focus on actionable insights and seamless integration aligns with our commitment to building secure, reliable products for our customers.”

The recent customer growth is continued validation of Endor Labs’ position as the fastest growing AppSec company. With $163 million raised to date, $93 million of which came from its most recent Series B round in April, Endor Labs is leveraging this capital to continue solving core AppSec challenges while always evolving to address the unique security challenges introduced by AI. In Q2, the company brought new capabilities to market to help customers build resilience against evolving threats, including:  

• C/C++ for SCA - C and C++ have historically been difficult for SCA tools to handle. To address this, Endor Labs developed a new approach that improves visibility and accuracy for C and C++ codebases. 
• Endor Labs MCP Server - Endor Labs MCP Server is the connective tissue between the Endor Labs AppSec platform and AI-native IDEs. With support for clients like GitHub Copilot, VSCode, and Cursor, the MCP Server helps companies incorporate a security pair-programmer that ensures AI coding assistants are producing secure code by default. 
• AI Security Code Review - AI Security Code Review is a new capability that helps AppSec teams move beyond reactive vulnerability management. It uses multiple AI agents to review pull requests for design flaws and architectural changes that affect your security posture. For example, new API endpoints, modifications to authentication logic, or the collection of new sensitive data.
• Enhance Malware Detection - Endor Labs now flags malicious packages faster, scoring signals often before the OSV lists them. This includes banned authors, compromised domains, pre/post-install scripts that run curl/wget to suspicious URLs, phone-home/outbound calls, grabs of user/DNS info, stealthy minimal file trees, and HTTPS exfiltration.

“Since switching from our previous SCA tool, Endor Labs has cut the findings we send to developers by 95%, which returned time to ship features faster, and helped us remediate exploitable vulnerabilities quickly with precise reachability and clear upgrade guidance,” said Shreyas Sriram, Security Engineer at Robinhood.

Sunil Agrawal, CISO at Glean added: "As a fast-growing AI company, we prioritize feature velocity without compromising security. Endor Labs’ unique reachability-based analysis and native integrations into our AI-native software development stack keep our developers focused on rapidly finding and fixing real risks in the SDLC, so we ship faster with confidence."

To learn more about Endor Labs and its recent company momentum, visit www.endorlabs.com. 

About Endor Labs 

Endor Labs is building the application security platform for the software development revolution. From open source to AI-generated code, it helps teams identify, prioritize, and fix the vulnerabilities that actually matter—faster. With deep program analysis, automated remediation, and unmatched dataset coverage, Endor Labs empowers modern engineering and security teams to move fast without compromise.