
Rubrik Hits Aggressive SLAs via Endor Labs

Founded in 2014, Rubrik is a comprehensive data security platform that delivers complete cyber resilience with both cyber posture and cyber recovery. Rubrik uses Endor Labs for SCA, SAST, container scanning, and secret detection.

Written by
Jenn Gile
Published on
December 2, 2025

The Challenge

Rubrik’s application security (AppSec) program is strategically funded to take a proactive approach to security, ensuring the highest level of protection for Rubrik software products and customer data. However, the team was challenged by existing tools that undermined efficiency and credibility.

Major pain points were the lack of native Bazel support for their software composition analysis (SCA) tool and poor integration between various scanners. These issues required the security team to manually triage and deduplicate findings, which caused:

  • Credibility Erosion: False positives and duplicate findings damaged credibility when assigning tickets to engineering, because the team struggled to identify which vulnerabilities really needed to be fixed.
  • Wasted Time: Inaccurate or duplicated tickets meant the engineering team spent time on "ticket management" instead of remediation, while the security team had to validate issues by running scripts and re-checking findings to ensure accuracy.
  • Strategic Opportunity Cost: Burdensome manual work prevented security engineers from focusing on high-value activities, such as partnering with engineering on shift-left initiatives, security design reviews, and threat modeling.

Compounding these challenges was the company’s pursuit of FedRAMP authorization, which is the most rigorous standard for vulnerability management. With zero tolerance for issues and vulnerabilities, every finding must either be fixed or ruled out by demonstrating that it is a false positive. Without a more automated and accurate solution, the team would be hard pressed to keep up with Continuous Monitoring (ConMon) requirements.

The Solution

Rubrik sought a cohesive, high-fidelity AppSec platform that consolidated tools (SCA, SAST, container scanning, and secret detection) and scaled with their programs. Their requirements for a new platform included:

  • Comprehensive coverage: Native Bazel support was essential for reducing manual workarounds.
  • High-fidelity, actionable findings: They needed to build trust by presenting facts and data that could be substantiated.
  • Operational efficiency and consolidation: To increase simplicity and decrease manual effort, they wanted to consolidate AppSec scanners into a single source of truth.
  • Streamlined remediation and dependency management: The solution needed to support a “fix-based approach” that made possible the vision of “one ticket, one fix”. They also wanted to enable proactive attack surface reduction and reduce the cost of patching unnecessary components.

Why Endor Labs Won

Rubrik chose Endor Labs to be their AppSec platform because:

  • Gold-standard Bazel support: Endor Labs is the only platform that supports Bazel without requiring workarounds.
  • Single vendor and pane of glass: Rubrik was able to collapse all their AppSec scanning needs (SCA, SAST, secret detection, and container scanning) into one trusted vendor. Whether through the UI or the API, all types of risk can be managed from one place with access to the same policy engine.
  • Strong, responsive partnership: Throughout the evaluation process, the Endor Labs team was responsive and collaborative, making it easy to get the solution running quickly and building confidence that Rubrik would achieve value quickly and continuously mature the program.

The Impact

Since implementing Endor Labs’ AppSec platform, Rubrik has experienced several major changes and positive outcomes relating to speed, trust, achieving compliance rigor, and operational efficiency. Today they use Endor Labs for SCA, SAST, container scanning, and secret detection.

“Time-to-value was almost instant. This was a big difference from most vendors where you spend a year deploying and upgrading processes just to make it work.”

  • Marty Garvin, Head of Security @ Rubrik

Rapid response to malware attacks

Rubrik gained immediate, comprehensive visibility into its dependency usage, which allows the team to quickly rule out or confirm exposure during supply chain attacks. Following a recent npm malware disclosure, the team was able to determine that they weren’t using any affected versions of the 187 compromised packages within approximately 30 minutes of the attack becoming public. They continue to use Endor Labs to monitor for the significant number of compromised packages that grew out of the Shai-Hulud attack.

“When it comes to malware attacks, Endor Labs helps me sleep better at night because I know we can quickly figure out whether we’re impacted, and if not, move on with our day.”

  • Marty Garvin, Head of Security @ Rubrik

Fast remediation and better MTTR

Endor Labs’ accuracy has been pivotal in helping the team establish confidence in findings, eliminating the time previously required to manually validate issues. With correlation between SCA and container findings, the team has realized their “one ticket, one fix” goal. Today, they’re better positioned to satisfy the aggressive SLAs required for FedRAMP authorization, and the security team can spend more time partnering with the business on impactful tasks like threat modeling and secure design reviews.

“Endor Labs gives us the data to see what’s exploitable and needs to be fixed. We have tight remediation SLAs, as short as 24 hours, and Rubrik is consistently hitting them because we don’t have to argue over whether a finding is real.”

  • Marty Garvin, Head of Security @ Rubrik

Security shifting left

Engineering teams know that it’s easier to fix vulnerabilities found in development than to rip things out after the product has been released. But teams using Bazel monorepos often struggle to shift security left because existing SCA tools provide incomplete or inaccurate results. Endor Labs’ built-in Bazel capabilities made it possible for Rubrik to embed scanning in CI, so issues are raised before PRs are merged. With a more accurate picture of their dependencies, the security team can now reliably identify unused dependencies and approach engineering with high assurance when suggesting their removal.

“Endor Labs' native Bazel integration is the best on the market. It’s eliminated the previous complexity, delivering the confidence required to shift left and reliably identify/remove unused dependencies.”

  • Kevin Vaughan, Senior Manager Information Security @ Rubrik

Sustaining FedRAMP rigor

Rubrik’s pursuit of FedRAMP Moderate authorization positioned the company to sell to the government, but maintaining this certification requires significant program management, constant vigilance against new issues, and extensive documentation and evidence gathering for continuous monitoring (ConMon) requirements. Endor Labs’ high-fidelity findings and consolidated platform reduce the manual work required to validate results and produce evidence for the 3PAO. This efficiency allows Rubrik to sustain the ongoing cycle of scanning, validating, and ensuring compliance, enabling them to meet the exacting audit standards required for maintaining FedRAMP authorization.

“Our FedRAMP environment requires more rigor than you would normally get in any other kind of product release, with near zero tolerance for vulnerabilities. Endor Labs’ reachability analysis and consolidated findings reduced the number of true positives requiring remediation, which is a huge time- and money-saver.”

  • Marty Garvin, Head of Security @ Rubrik

Looking Ahead

The team is looking forward to several future advancements and applications of Endor Labs, including:

  • Achieving faster SAST triaging through false positive reduction (enabled by call graphs and LLMs)
  • Discovering whether container vulnerabilities are reachable at the OS layer
  • Improving the security of AI-generated code by integrating scanning with tools like Cursor