By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
18px_cookie
e-remove

Endor Labs is SOC2 Certified!

Open Source security doesn't have to SOC (sorry, I had to). We're excited to announce we have received a clean audit result on our SOC2 Type 1 certification.

Open Source security doesn't have to SOC (sorry, I had to). We're excited to announce we have received a clean audit result on our SOC2 Type 1 certification.

Open Source security doesn't have to SOC (sorry, I had to). We're excited to announce we have received a clean audit result on our SOC2 Type 1 certification.

Written by
A photo of Ron Harnik — VP Marketing at Endor Labs.
Ron Harnik
Published on
February 9, 2023

Open Source security doesn't have to SOC (sorry, I had to). We're excited to announce we have received a clean audit result on our SOC2 Type 1 certification.

Open Source security doesn't have to SOC (sorry, I had to). We're excited to announce we have received a clean audit result on our SOC2 Type 1 certification.

We are proud to announce that Endor Labs has successfully completed a System and Organization Controls (SOC) 2 Type I audit. 

The SOC 2 information security standard, developed by the American Institute of Certified Public Accountants (AICPA), evaluates the security, availability, processing integrity, confidentiality, and privacy controls relevant to customer data. A SOC 2 Type I report examines the design of a service organization's controls and confirms that they meet the required trust services criteria.

We are pleased to announce that our SOC 2 Type I report did not have any exceptions and was issued with a "clean" audit result. This demonstrates our commitment to maintaining the highest standards of information security and data protection.

At Endor Labs, we understand the importance of protecting our customers' sensitive information and are dedicated to providing the highest level of security. The successful completion of this SOC 2 Type I audit confirms our commitment to security and privacy, and we will continue to take the necessary steps to ensure that our systems, processes, and people are secure.

Endor Labs helps security and engineering teams safely scale the use of open source software at the enterprise by focusing on the four main stages of the dependency management lifecycle:

  • Select better dependencies - Evaluate open source software on popularity, supportability and quality metrics as well as security metrics such as CVEs, malware, and risky APIs. Enforce governance policies that help developers select safer, more sustainable open source packages. 
  • Secure the supply chain - Once OSS packages are in your codebase, use static analysis and call graphs to prioritize vulnerabilities that are actually reachable and continuously monitor dependencies for security and operational risk, and detect next-gen attacks like typosquatting. 
  • Maintain & optimize - Consolidate versions and detect unmaintained or unused dependencies. Reducing the overall amount of dependencies improves build times and reduces the supply chain attack surface.
  • Comply with emerging standards - Create, store, and analyze 1st and 3rd party SBOMs in one place, and generate automatic Vulnerability and Exploitability eXchange (VEX) documents.

Want to see Endor Labs in action? Check out our demo library!

The Challenge

The Solution

The Impact

Get new posts in your inbox.

Get new posts in your inbox.

Get new posts in your inbox.

Welcome to the resistance
Oops! Something went wrong while submitting the form.

Get new posts in your inbox.

Get new posts in your inbox.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get new posts in your inbox.