Introducing security for AI coding agents and workstations

Product

Platform

Platform Overview

Developer Tools

FREE

Languages & Integrations

Use cases

AI Governance

AI Code

Open Source

SCA With Reachability

Malicious Package Detection

Package Firewall

Upgrade Impact Analysis

Container

Learn

Learn about software supply chain security and Endor Labs.

Featured resources

Blog

Introducing Security for AI Coding Agents and Workstations

May 12, 2026

Ebook/Report

Beyond Mythos: A CISO's Guide to Building an Effective Software Security Program for the AI Era

Apr 29, 2026

Blog

Claude Opus 4.7 Sets New Records in the Endor Labs Agent Security League

Apr 17, 2026

Blog

Surge in submissions forces NIST to change how it handles CVEs. Here's what it means for vulnerability management.

Apr 17, 2026

Show filters

Topic

AI/ML

CI/CD

Compliance & SBOM

Developer Productivity

DevSecOps Tools

First Party Code

Malware

News

Open Source

Opinion

SCA

Security

Tech

Medium

Blog

Customer Story

Ebook/Report

Solution Brief

Video

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Open Source

Security

Blog

Eight for One: Multiple Vulnerabilities Fixed in the Node.js Runtime

Jan 13, 2026

Security

Malware

Open Source

Blog

n8mare on auth street: supply chain attack targets n8n ecosystem

Jan 9, 2026

Open Source

Security

Blog

CVE-2025-12543: Host Header Validation Bypass in Undertow

Jan 9, 2026

Security

Open Source

Blog

CVE-2025-68428: Critical Path Traversal in jsPDF

Jan 6, 2026

AI/ML

Malware

Open Source

Security

Endor Labs integrates with Cursor hooks to detect malicious packages before AI agents install dependencies, preventing supply chain attacks at the moment of risk.

Blog

Bringing Malware Detection Into AI Coding Workflows with Cursor Hooks

Dec 17, 2025

Open Source

Security

Blog

When Regex Isn’t Enough: How We Discovered CVE-2025-13780 in pgAdmin

Dec 12, 2025

Security

Open Source

Blog

When a Broken Fix Leads to RCE: How We Found CVE-2025-66626 in Argo

Dec 12, 2025

Developer Productivity

Blog

From Vision to Reality: How Endor Labs Delivers Developer-First Security

Dec 9, 2025

Developer Productivity

Blog

Developer Experience: The Key to Successful Security

Dec 9, 2025

Security

Open Source

Blog

Critical Remote Code Execution (RCE) Vulnerabilities in React and Next.js

Dec 3, 2025

No items found.

Ebook/Report

The New era of Code-to-Cloud Security

Dec 2, 2025

Customer Stories

SCA

Tech

Compliance & SBOM

Malware

Customer Story

Rubrik Hits Aggressive SLAs via Endor Labs

Dec 2, 2025

Malware

Blog

Understanding NPM Worms and the Shai-Hulud Attack

Nov 25, 2025

Security

News

Malware

Blog

Shai-Hulud 2 Malware Campaign Targets GitHub and Cloud Credentials Using Bun Runtime

Nov 24, 2025

Open Source

News

Blog

The OWASP Top 10 Gets Modernized

Nov 21, 2025

News

Blog

How Endor Labs Is Supporting Bryce, a Next-Gen AppSec Builder

Nov 21, 2025

News

Blog

StackHawk + Endor Labs: Correlating SAST and DAST Alerts

Nov 20, 2025

Security

Developer Productivity

Ebook/Report

AI SAST: Combining Agents, Program Analysis, and Rules for High-Confidence Code Security

Nov 19, 2025

First Party Code

News

Blog

Introducing AI SAST That Thinks Like a Security Engineer

Nov 19, 2025

Malware

Security

Ebook/Report

Invisible Threats and the Blind Spots of Security  

Nov 13, 2025

News

Blog

Code-to-Cloud Application Risk Management with Upwind and Endor Labs

Nov 12, 2025

...

4 / 17

Want to stay in the loop?

Welcome to the resistance

Oops! Something went wrong while submitting the form.

Company

Home Pricing Contact Us About Careers

LEARN

Blog Documentation eBook / Reports Events LeanAppSec Solution Brief Video

Tools

Risk Explorer

Why Us?

vs Snyk vs Semgrep vs Socket vs Traditional SCA vs Runtime SCA

Products

Endor Labs Supply Chain

Use Cases

AI Code Governance AI Code Governance

AI Static Application Security Testing (SAST)AI Static Application Security Testing (SAST)

Artifact Signing Artifact Signing

Bazel Monorepos Bazel Monorepos

CI/CD Discovery CI/CD Discovery

Code Scanning Code Scanning

Compliance & SBOM Compliance & SBOM

Container Scanning Container Scanning

Digital Operational Resilience Act (DORA)Digital Operational Resilience Act (DORA)

GitHub Actions GitHub Actions

Malicious Package Detection Malicious Package Detection

PCI DSS PCI DSS

RSPM RSPM

SBOM Ingestion SBOM Ingestion

SCA with Reachability SCA with Reachability

Secrets Detection Secrets Detection

Upgrades & Remediation Upgrades & Remediation

Integrations

Endor Labs with GitHub Advanced Security

IDE

Microsoft Defender for Cloud

PHP

Legal and Privacy Trust and Security

All names, logos, and brands of third parties listed on our site are trademarks of their respective owners. Endor Labs and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.