AI at Endor Labs: A Brief History

In early 2023, we launched DroidGPT, our first exploration bringing generative AI into the world of application security. It was a humble starting point where users could ask questions relevant to them. But it also revealed something important: application security engineers are ready to talk to their tools, not just click through them.

Getting instant answers, including risk scores of each packages, from ask DroidGPT

Since then, we have expanded AI capabilities across our platform, solving new challenges with AI Model Discovery and AI Security Code Review and old ones with SCA for C and C++ languages. But with each new capability, a bigger question emerged: 

If AI is changing how we build software, shouldn’t it also change how we experience software? 

Enterprise software today is a maze of dashboards, filters, and endless tabs. While they are powerful, these interfaces often require deep platform knowledge to navigate and extract value. Are those still the best way to get users the information they need? In a world where AI can reason, summarize, and act, shouldn’t we shift from “click and configure” to “ask and collaborate”?

As we built the application security platform for the AI era, we saw an opportunity to reimagine how users experienced Endor Labs, and we turned to our customers to help guide the way.

What We Learned: Insights from AI Chat Research

We conducted in-depth interviews with security engineers and AppSec leaders. Our goal was to understand how users expect AI assistants to fit into their workflows as a partner they can trust. We spoke with both new users and existing users who are familiar with Endor Labs, and we asked them 3 key questions:

“Can this be automated?”

We asked users to walk us through their workflows. Throughout the discussion, we explored areas of the workflows that can be automated with AI.

Many participants were already building internal tools to handle repetitive tasks. The idea that AI could learn from their patterns and take initiative lit up the conversation. 

Our users want more than smart answers. They want proactive automation that reduces toil and reflects how they work over time.

“Can I take action right from chat?”

We tested multiple chat experiences, ranging from purely informational to actionable flows. We observed how users responded to each interaction model. 

Users favored AI that could complete a task. They didn’t want to stop at analysis; the next step should be right there. 

The value of AI lies in accelerating outcomes. Users expect to act within the chat, not just search and summarize.

“Can it learn from how I work?”

We explored with users how they expected AI chat to evolve over time, and whether they imagined saving chats or personalized behavior. We also tested their reactions to concepts that adapt based on usage.

Users didn’t want to start from scratch each time. They wanted the system to evolve with them by noticing what they repeat, ignore, or follow up on. 

Implicit behaviors, such as what users skip, act on, or repeat, is a powerful signal for personalization and continuous improvement. Not only saving time, the system that improves based on real usage creates trust.

Agentic Chat is Here: Three Ways It Transforms Your Workflow

This research is already shaping the future of Endor Labs. We are excited to announce the early availability of agentic chat, our next-generation conversational experience. Agentic chat brings the insight from our research directly into your workflow.

Get Started Faster with Pre-Set Prompts

No need to think about what to ask first. Our pre-set prompts guide you to common questions asked by our users, like “Summarize this finding” or “How can I fix this?” 

Understand Package Errors Instantly

To help users understand what happens to a package within a project during scans, agentic chat can quickly explain package resolution and reachability errors, and suggest ways to fix them. By entering the error message, the chat retrieves the full context, making it easier to troubleshoot issues without digging through multiple pages.

Deeper Insights from the Endor Vulnerability Search

Ask the chat for more context on any finding. It pulls enriched details from the Endor Labs vulnerability search and guides you a step further with your investigation.

This is just the beginning

From contextual AI chat to workflow automation, we’re reimagining how AppSec engineers secure software at scale. Agentic chat is designed to save time, reduce toil, and keep workflow moving within an intelligent conversation. Other exciting capabilities are already on the horizon. Stay tuned as we continue to expand what agentic chat and introduce other agentic UX features to the Endor Labs application security platform.

At Endor Labs, we design for AppSec engineers who want to move fast and secure smarter. Book a demo to understand how Endor Labs can streamline your workflows with intelligent automation and actionable AI.