Learn

Learn about software supply chain security and Endor Labs.

Featured resources

Classic Vulnerabilities Meet AI Infrastructure: Why MCP Needs AppSec
Blog

Classic Vulnerabilities Meet AI Infrastructure: Why MCP Needs AppSec

Jan 23, 2026
How Fake Font Packages Abused npm as a CDN
Blog

How Fake Font Packages Abused npm as a CDN

Jan 23, 2026
Understanding NPM Worms and the Shai-Hulud Attack
Blog

Understanding NPM Worms and the Shai-Hulud Attack

Nov 25, 2025
StackHawk + Endor Labs: Correlating SAST and DAST Alerts
Blog

StackHawk + Endor Labs: Correlating SAST and DAST Alerts

Nov 20, 2025
Show filters
Topic
Medium
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Security
What are Maven dependency scopes and their related security risks?
Blog

What are Maven Dependency Scopes and Their Related Security Risks?

Nov 29, 2022
Security
Compliance & SBOM
Open Source
The Government's Role in Maintaining Open-Source Security
Blog

The Government's Role in Maintaining Open Source Security

Nov 21, 2022
SCA
Security
Introduction to Program Analysis
Blog

Introduction to Program Analysis

Nov 17, 2022
News
More Than 30 Industry-Leading CISOs Personally Invest in Endor Labs
Blog

More Than 30 Industry-Leading CISOs Personally Invest in Endor Labs

Nov 9, 2022
News
SCA
From cloud security to code security: why we've raised $25M to take on OSS dependency sprawl
Blog

From Cloud Security to Code Security: Why We've Raised $25M to Take on OSS Dependency Sprawl

Oct 11, 2022
News
Open Source
Endor Labs Launches with $25M Seed Financing to Tackle Massive Sprawl of Open Source Software (OSS)
Blog

Endor Labs Launches with $25M Seed Financing to Tackle Massive Sprawl of Open Source Software (OSS)

Oct 10, 2022
Security
Compliance & SBOM
SBOMs are just a means to an end
Blog

SBOMs are Just a Means to an End

Sep 13, 2022
Security
Open Source
Introducing the OpenSSF Scorecard API
Blog

Introducing the OpenSSF Scorecard API

Sep 8, 2022
Developer Productivity
How to get the most out of GitHub API rate limits
Blog

How to Get the Most out of GitHub API Rate Limits

Aug 21, 2022
News
Opinion
Why I joined Endor Labs to Build our India Team
Blog

Why I Joined Endor Labs to Build our India Team

Aug 2, 2022
Opinion
Security
Open Source
How Zero Trust principles can accelerate open source adoption in enterprises
Blog

How Zero Trust Principles Can Accelerate Enterprise Adoption of OSS

Jul 25, 2022
Security
Tech
What security teams need to know about software development
Blog

What Security Teams Need to Know about Software Development

Jul 14, 2022
Opinion
Security
CSRB Log4j Report - The Response is as Dangerous as the Vulnerability
Blog

CSRB Log4j Report - The Response is as Dangerous as the Vulnerability

Jul 14, 2022
Security
Developer Productivity
Opinion
Polyrepo vs. Monorepo - How does it impact dependency management?
Blog

Polyrepo vs. Monorepo - How Does it Impact Dependency Management?

Jul 12, 2022

Want to stay in the loop?

Sign up for our newsletter.

Welcome to the resistance
Oops! Something went wrong while submitting the form.