Learn

Learn about software supply chain security and Endor Labs.

Featured resources

A virus-like npm malware attack has spread to 180+ packages so far, including CrowdStrike and Tinycolor.
Blog

npm Malware Outbreak: Tinycolor and CrowdStrike Packages Compromised

Sep 16, 2025
Ebook/Report

AI Security Code Review: A Multi-Agent Approach for Detecting Security Design Flaws at Scale

Apr 23, 2025
Blog

Introducing the Endor Labs MCP Server: fix-first security for the vibe coding era

Apr 23, 2025
Blog

Introducing AI Security Code Review

Apr 23, 2025
SCA
Security
Open Source
Ebook/Report

OWASP Top 10 Risks for Open Source

Mar 1, 2023
Security
Compliance & SBOM
How to quickly measure SBOM accuracy for Maven projects (for free)
Blog

How to Quickly Measure SBOM Accuracy for Maven Projects (for Free)

Feb 28, 2023
Compliance & SBOM
News
Security
Blog

Endor Labs is SOC2 Certified!

Feb 9, 2023
SCA
Open Source
Introduction to Open Source Security
Video

Introduction to Open Source Security - Webinar

Feb 3, 2023
SCA
Open Source
Comparing SBOMs Generated at Different Lifecycle Stages
Video

Comparing SBOMs Generated at Different Lifecycle Stages - Webinar

Feb 3, 2023
Security
Compliance & SBOM
SBOM vs. SBOM: Comparing SBOMs from different tools and lifecycle stages
Blog

SBOM vs. SBOM: Comparing SBOMs from Different Tools and Lifecycle Stages

Feb 2, 2023
Developer Productivity
Security
What breaking changes teach us about security
Blog

What Breaking Changes Teach Us about Security

Jan 31, 2023
Compliance & SBOM
Blog

Open Source Licensing Simplified: A Comparative Overview of Popular Licenses

Jan 24, 2023
Security
Compliance & SBOM
What is VEX and why should I care?
Blog

What is VEX and Why Should I Care?

Jan 18, 2023
Security
Open Source
Malware
Whatfuscator, malicious open source packages, and other beasts
Blog

Whatfuscator, Malicious Open Source Packages, and Other Beasts

Jan 9, 2023
Security
Blog

Exploring Risk: Understanding Software Supply Chain Attacks

Jan 5, 2023
News
Endor Labs and Intuitive partner to help enterprises leverage open source software most securely and effectively
Blog

Endor Labs and Intuitive Partner to Help Enterprises Leverage OSS

Jan 2, 2023
SCA
Security
What is reachability-based dependency analysis?
Blog

What is Reachability-Based Dependency Analysis?

Dec 21, 2022
SCA
Security
Open Source
Ebook/Report

State of Dependency Management 2022

Dec 8, 2022
SCA
Open Source
Why We Need Static Analysis When Prioritizing Vulnerabilities
Video

Why We Need Static Analysis When Prioritizing Vulnerabilities - Webinar

Dec 6, 2022
Security
What are Maven dependency scopes and their related security risks?
Blog

What are Maven Dependency Scopes and Their Related Security Risks?

Nov 29, 2022
Security
Compliance & SBOM
Open Source
The Government's Role in Maintaining Open-Source Security
Blog

The Government's Role in Maintaining Open Source Security

Nov 21, 2022
SCA
Security
Blog

Introduction to Program Analysis

Nov 17, 2022
News
Blog

More Than 30 Industry-Leading CISOs Personally Invest in Endor Labs

Nov 9, 2022
News
SCA
From cloud security to code security: why we've raised $25M to take on OSS dependency sprawl
Blog

From Cloud Security to Code Security: Why We've Raised $25M to Take on OSS Dependency Sprawl

Oct 11, 2022
News
Open Source
Blog

Endor Labs Launches with $25M Seed Financing to Tackle Massive Sprawl of Open Source Software (OSS)

Oct 10, 2022