By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyAccept
18px_cookie
e-remove
Blog
Glossary
Customer Story
Video
eBook / Report
Solution Brief

Prioritizing SCA Findings with Reachability Analysis - On-Demand Webinar

In this on-demand webinar, Darren Meyer (Staff Research Engineer, Endor Labs) discusses how reachability analysis can reduce SCA noise.

The session kicks off with a technical overview of dependency management followed by a case study where a customer achieved a 93.56% reduction in alerts, and concludes with Q&A.

Key moments include:

  • 00:26 - The AppSec "hamster wheel of doom"
  • 03:00 - Discovering which part of an OSS package is vulnerable and expoitable
  • 07:25 - A case study on prioritizing SCA results
  • 11:14 - Reachability based on program analysis
  • 21:38 - SBOM support in an SCA tool
  • 22:18 - Augmenting Dependabot with Endor Labs

In this on-demand webinar, Darren Meyer (Staff Research Engineer, Endor Labs) discusses how reachability analysis can reduce SCA noise.

The session kicks off with a technical overview of dependency management followed by a case study where a customer achieved a 93.56% reduction in alerts, and concludes with Q&A.

Key moments include:

  • 00:26 - The AppSec "hamster wheel of doom"
  • 03:00 - Discovering which part of an OSS package is vulnerable and expoitable
  • 07:25 - A case study on prioritizing SCA results
  • 11:14 - Reachability based on program analysis
  • 21:38 - SBOM support in an SCA tool
  • 22:18 - Augmenting Dependabot with Endor Labs

In this on-demand webinar, Darren Meyer (Staff Research Engineer, Endor Labs) discusses how reachability analysis can reduce SCA noise.

The session kicks off with a technical overview of dependency management followed by a case study where a customer achieved a 93.56% reduction in alerts, and concludes with Q&A.

Key moments include:

  • 00:26 - The AppSec "hamster wheel of doom"
  • 03:00 - Discovering which part of an OSS package is vulnerable and expoitable
  • 07:25 - A case study on prioritizing SCA results
  • 11:14 - Reachability based on program analysis
  • 21:38 - SBOM support in an SCA tool
  • 22:18 - Augmenting Dependabot with Endor Labs

Open Report

View Report

Written by
Darren Meyer
Darren Meyer
Published on
March 6, 2024
Topics
SCA
Security

In this on-demand webinar, Darren Meyer (Staff Research Engineer, Endor Labs) discusses how reachability analysis can reduce SCA noise.

The session kicks off with a technical overview of dependency management followed by a case study where a customer achieved a 93.56% reduction in alerts, and concludes with Q&A.

Key moments include:

  • 00:26 - The AppSec "hamster wheel of doom"
  • 03:00 - Discovering which part of an OSS package is vulnerable and expoitable
  • 07:25 - A case study on prioritizing SCA results
  • 11:14 - Reachability based on program analysis
  • 21:38 - SBOM support in an SCA tool
  • 22:18 - Augmenting Dependabot with Endor Labs

In this on-demand webinar, Darren Meyer (Staff Research Engineer, Endor Labs) discusses how reachability analysis can reduce SCA noise.

The session kicks off with a technical overview of dependency management followed by a case study where a customer achieved a 93.56% reduction in alerts, and concludes with Q&A.

Key moments include:

  • 00:26 - The AppSec "hamster wheel of doom"
  • 03:00 - Discovering which part of an OSS package is vulnerable and expoitable
  • 07:25 - A case study on prioritizing SCA results
  • 11:14 - Reachability based on program analysis
  • 21:38 - SBOM support in an SCA tool
  • 22:18 - Augmenting Dependabot with Endor Labs

Open Report

View Report

Code prompt library

40+ AI Prompts for Secure Vibe Coding

Find out More

Download

What's next?

When you're ready to take the next step in securing your software supply chain, here are 3 ways Endor Labs can help:

Explore the Secure Code Prompt Library
Download 40+ AI prompts for secure vibe coding.
Take a tour of Endor Labs
Explore Endor Labs with a self-guided platform tour.
Book a Demo
See Endor Labs in action with a custom walkthrough.
📘 Secure code prompt library🧭 Take a platform tour🤝 Book a Demo

Contents

Table of Contents
Code prompt library

40+ AI Prompts for Secure Vibe Coding

Find out More

The Challenge

The Solution

The Impact

Get a demo of Endor Labs

Get a demo of Endor Labs

Get a demo of Endor Labs

Welcome to the resistance
Oops! Something went wrong while submitting the form.

Get a demo of Endor Labs

Get a demo of Endor Labs

Subscribe
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get a demo of Endor Labs

Related Posts

Introducing CI/CD Security with Endor Labs

Introducing CI/CD Security with Endor Labs

Endor Labs CI/CD helps organizations secure their pipelines through pipeline discovery, repository security posture management, and build integrity verification (artifact signing).
Learn More
The Uncomfortable Truth of Vulnerable and Outdated Software Components

The Uncomfortable Truth of Vulnerable and Outdated Software Components

Learn where common industry sayings such as “stay up to date” come from and how you can help Endor Labs help you overcome those challenges.
Learn More
Streamline Investigation with Enriched Vulnerability Search

Streamline Investigation with Enriched Vulnerability Search

Endor Labs Vulnerability Search helps you investigate CVEs with enriched metadata, call paths, and precise impact analysis—resolving conflicts across public feeds.
Learn More
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.