Platform

Shift Left AppSec Platform

Unify security scanners in one platform that cuts through noise.

Fix what’s easy, patch what's hard, and avoid breaking changes.

AI Code Security

Prepare for AI adoption and increase AppSec productivity.

Ecosystem

Languages & Integrations

Microsoft Defender for Cloud

GitHub Advanced Security

Use Cases

Reachability & Remediation Based SCA

AI Security Code Review

OSS Security Patches

Container Scanning

Learn

Learn by Topic

Compliance & SBOM

Developer Productivity

First Party Code

Learn by Category

Featured resources

Code Prompt Library

Artifact Signing

SCA for Python and AI Apps

Tools

Code Prompt Library

Company

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

Recent resources

Securing AI Coding Assistants: A Total Cost Analysis

Endor Labs Now Available on Google Cloud Marketplace

How to Detect Infrastructure as Code (IaC) Misconfigurations with AI Security Code Review

Platform

Shift Left AppSec Platform

Unify security scanners in one platform that cuts through noise.

Fix what’s easy, patch what's hard, and avoid breaking changes.

AI Code Security

Prepare for AI adoption and increase AppSec productivity.

Ecosystem

Languages & Integrations

Microsoft Defender for Cloud

GitHub Advanced Security

Use Cases

Reachability & Remediation Based SCA

AI Security Code Review

OSS Security Patches

Container Scanning

Learn

Learn by Topic

Compliance & SBOM

Developer Productivity

First Party Code

Learn by Category

Featured resources

Code Prompt Library

Artifact Signing

SCA for Python and AI Apps

Tools

Code Prompt Library

Company

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

Recent resources

Securing AI Coding Assistants: A Total Cost Analysis

Endor Labs Now Available on Google Cloud Marketplace

How to Detect Infrastructure as Code (IaC) Misconfigurations with AI Security Code Review

Learn

Learn about software supply chain security and Endor Labs.

Featured resources

AI Security Code Review: A Multi-Agent Approach for Detecting Security Design Flaws at Scale

Ebook/Report

AI Security Code Review: A Multi-Agent Approach for Detecting Security Design Flaws at Scale

Apr 23, 2025

Introducing the Endor Labs MCP Server: fix-first security for the vibe coding era

Blog

Introducing the Endor Labs MCP Server: fix-first security for the vibe coding era

Apr 23, 2025

Introducing AI Security Code Review

Blog

Introducing AI Security Code Review

Apr 23, 2025

Meet the application security platform built for the AI era

Blog

Meet the application security platform built for the AI era

Apr 23, 2025

Topic

AI/ML

CI/CD

Compliance & SBOM

Developer Productivity

First Party Code

News

Open Source

Opinion

SCA

Security

Tech

Medium

Blog

Customer Story

Ebook/Report

Solution Brief

Video

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

SCA

Open Source

Security

Next-Gen SCA for C/C++: Closing the Detection Gap

Blog

Next-Gen SCA for C/C++: Closing the Detection Gap

Jun 11, 2025

Security

AI/ML

Critical SQL Injection Vulnerability in LlamaIndex (CVE-2025-1793) – Advisory and Analysis

Blog

Critical SQL Injection Vulnerability in LlamaIndex (CVE-2025-1793) – Advisory and Analysis

Jun 9, 2025

Open Source

Security

AppSec’s Exploitation Era:What Verizon, Mandiant, and Datadog Are Telling Us

Blog

AppSec’s Exploitation Era: What Verizon, Mandiant, and Datadog Are Telling Us

Jun 4, 2025

First Party Code

Security

Benchmarking Opengrep Performance Improvements

Blog

Benchmarking Opengrep Performance Improvements

May 29, 2025

Security

Open Source

The UK Software Security Code of Practice through a Software Supply Chain Lens

Blog

The UK Software Security Code of Practice through a Software Supply Chain Lens

May 22, 2025

First Party Code

Security

CVE-2025-47949 Reveals Flaw in samlify That Opens Door to SAML Single Sign-On Bypass

Blog

CVE-2025-47949 Reveals Flaw in samlify That Opens Door to SAML Single Sign-On Bypass

May 20, 2025

Security

Developer Productivity

Endor Labs Policies: Developer-Friendly Security Automation

Ebook/Report

Endor Labs Policies: Developer-Friendly Security Automation

May 19, 2025

Security

CVE-2025-4641 is Critical, But Likely Unreachable

Blog

CVE-2025-4641 is Critical, But Likely Unreachable

May 16, 2025

Security

Mastering Security Automation: Exception and Remediation Policies

Blog

Mastering Security Automation: Exception and Remediation Policies

May 15, 2025

Open Source

5 Tips for Managing Bazel Dependencies (Without Losing Friends)

Blog

5 Tips for Managing Bazel Dependencies (Without Losing Friends)

May 12, 2025

Security

Blog

Why Security Policies Frustrate Developers (and How We Can Fix Them)

May 6, 2025

Security

Open Source

News

Open Source Gets Political: What The easyjson Debate Misses (and what to do about it)

Blog

Open Source Gets Political: What The easyjson Debate Misses (and what to do about it)

May 5, 2025

News

Why We Raised a $93M Series B (In This Market)

Blog

Why We Raised a $93M Series B (In This Market)

Apr 23, 2025

AI/ML

Security

Secure AI-Generated Code at the Source

Solution Brief

Secure AI-Generated Code at the Source

Apr 23, 2025

AI/ML

Security

AI Security Code Review: A Multi-Agent Approach for Detecting Security Design Flaws at Scale

Ebook/Report

AI Security Code Review: A Multi-Agent Approach for Detecting Security Design Flaws at Scale

Apr 23, 2025

AI/ML

Security

Introducing the Endor Labs MCP Server: fix-first security for the vibe coding era

Blog

Introducing the Endor Labs MCP Server: fix-first security for the vibe coding era

Apr 23, 2025

AI/ML

Security

Introducing AI Security Code Review

Blog

Introducing AI Security Code Review

Apr 23, 2025

AI/ML

News

Meet the application security platform built for the AI era

Blog

Meet the application security platform built for the AI era

Apr 23, 2025

Security

Open Source

Critical RCE Vulnerability in Apache Parquet (CVE-2025-30065) – Advisory and Analysis

Blog

Critical RCE Vulnerability in Apache Parquet (CVE-2025-30065) – Advisory and Analysis

Apr 2, 2025

Open Source

SCA

Security

OWASP OSS Risk 2: Compromise of Legitimate Package

Blog

OWASP OSS Risk 2: Compromise of Legitimate Package

Mar 25, 2025

CI/CD

Open Source

Security

Blast Radius of the tj-actions/changed-files Supply Chain Attack

Blog

Blast Radius of the tj-actions/changed-files Supply Chain Attack

Mar 19, 2025

...

2 / 11

Sorry, no results matching your search.

Want to stay in the loop?

Sign up for our newsletter.

Email

Welcome to the resistance

Oops! Something went wrong while submitting the form.

Home Pricing Contact Us

Company

LEARN

Blog Documentation eBook / Reports Events LeanAppSec Solution Brief Video

Tools

TEI Calculator Risk Explorer

Why Us?

vs. Snyk vs. Traditional SCA vs. Runtime SCA

Products

Endor Labs Supply Chain

Endor Open Source

Use Cases

Code Scanning Code Scanning

SAST & Secret Detection SAST & Secret Detection

AI Code Governance AI Code Governance

Upgrades & Remediation Upgrades & Remediation

SBOM Ingestion SBOM Ingestion

AI Apps AI Apps

Bazel Monorepos Bazel Monorepos

Digital Operational Resilience Act (DORA)Digital Operational Resilience Act (DORA)

PCI DSS PCI DSS

Container Scanning Container Scanning

GitHub Actions GitHub Actions

CI/CD Discovery CI/CD Discovery

Artifact Signing Artifact Signing

Compliance & SBOM Compliance & SBOM

SCA with Reachability SCA with Reachability

Integrations

VS Code / GitHub Copilot VS Code / GitHub Copilot

Microsoft Defender for Cloud Microsoft Defender for Cloud

Bitbucket Bitbucket

.NET (C#).NET (C#)

TypeScript TypeScript

JavaScript JavaScript

Jenkins Jenkins

CircleCI CircleCI

© 2025 Endor Labs. All rights reserved.

Legal and Privacy Trust and Security

All names, logos, and brands of third parties listed on our site are trademarks of their respective owners. Endor Labs and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.