Platform

Shift Left AppSec Platform

Unify security scanners in one platform that cuts through noise.

Fix what’s easy, patch what's hard, and avoid breaking changes.

AI Code Security

Prepare for AI adoption and increase AppSec productivity.

Ecosystem

Languages & Integrations

Microsoft Defender for Cloud

GitHub Advanced Security

Use Cases

Reachability-based SCA

AI Security Code Review

Malware Package Detection

Container Scanning

AI Model Governance

Secrets Detection

Security Patches

Learn

Learn by Topic

Compliance & SBOM

Developer Productivity

First Party Code

Learn by Category

Featured resources

Code Prompt Library

Artifact Signing

SCA for Python and AI Apps

State of Dependency Management 2025

Tools

Code Prompt Library

Company

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

Recent resources

Introducing AI SAST That Thinks Like a Security Engineer

Code-to-Cloud Application Risk Management with Upwind and Endor Labs

The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign

Platform

Shift Left AppSec Platform

Unify security scanners in one platform that cuts through noise.

Fix what’s easy, patch what's hard, and avoid breaking changes.

AI Code Security

Prepare for AI adoption and increase AppSec productivity.

Ecosystem

Languages & Integrations

Microsoft Defender for Cloud

GitHub Advanced Security

Use Cases

Reachability-based SCA

AI Security Code Review

Malware Package Detection

Container Scanning

AI Model Governance

Secrets Detection

Security Patches

Learn

Learn by Topic

Compliance & SBOM

Developer Productivity

First Party Code

Learn by Category

Featured resources

Code Prompt Library

Artifact Signing

SCA for Python and AI Apps

State of Dependency Management 2025

Tools

Code Prompt Library

Company

Achievements

Gartner Cool Vendor

CRN Stellar Startup

Intellyx Digital Innovation Award

Recent resources

Introducing AI SAST That Thinks Like a Security Engineer

Code-to-Cloud Application Risk Management with Upwind and Endor Labs

The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign

Learn

Learn about software supply chain security and Endor Labs.

Featured resources

Introducing AI SAST That Thinks Like a Security Engineer

Blog

Introducing AI SAST That Thinks Like a Security Engineer

Nov 19, 2025

Critical SQL Injection Vulnerability in Django (CVE-2025-64459)

Blog

Critical SQL Injection Vulnerability in Django (CVE-2025-64459)

Nov 6, 2025

State of Dependency Management 2025

Ebook/Report

State of Dependency Management 2025

Nov 4, 2025

A virus-like npm malware attack has spread to 180+ packages so far, including CrowdStrike and Tinycolor.

Blog

npm Malware Outbreak: Tinycolor and CrowdStrike Packages Compromised

Sep 16, 2025

Topic

AI/ML

CI/CD

Compliance & SBOM

Developer Productivity

First Party Code

Malware

News

Open Source

Opinion

SCA

Security

Tech

Medium

Blog

Customer Story

Ebook/Report

Solution Brief

Video

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Security

News

Open Source

Malware

A virus-like npm malware attack has spread to 180+ packages so far, including CrowdStrike and Tinycolor.

Blog

npm Malware Outbreak: Tinycolor and CrowdStrike Packages Compromised

Sep 16, 2025

AI/ML

News

Endor Labs Drives 225% Revenue Growth, Pioneers the Future of Secure SDLC

Blog

Endor Labs Drives 225% Revenue Growth, Pioneers the Future of Secure SDLC

Sep 16, 2025

Security

Open Source

Malware

Major Supply Chain Attack Compromises Popular npm Packages Including chalk and debug

Blog

Major Supply Chain Attack Compromises Popular npm Packages Including chalk and debug

Sep 8, 2025

Security

Malware

Blog

Nx build platform compromised by supply chain attack – How attackers collude with AI code assistants

Aug 27, 2025

No items found.

How We Cracked SCA for C/C++ Codebases

Blog

How We Cracked SCA for C/C++ Codebases

Aug 21, 2025

Customer Stories

SCA

Tech

Cursor Develops a Secure Product with Endor Labs

Customer Story

Cursor Develops a Secure Product with Endor Labs

Aug 20, 2025

CI/CD

Open Source

Security

When CodeRabbit became PwnedRabbit: A cautionary tale for every GitHub App vendor (and their customers)

Blog

When CodeRabbit became PwnedRabbit: A cautionary tale for every GitHub App vendor (and their customers)

Aug 20, 2025

AI/ML

Open Source

Security

Shadow AI in Your Codebase: A Hidden Supply Chain Risk

Blog

Shadow AI in Your Codebase: A Hidden Supply Chain Risk

Aug 20, 2025

Customer Stories

SCA

Tech

Five9 Transforms Software Supply Chain Security with Endor Labs

Customer Story

Five9 Transforms Software Supply Chain Security with Endor Labs

Aug 20, 2025

SCA

Customer Stories

Under the Hood: How I Vet Early-Stage Startups for Critical Security Programs

Blog

Under the Hood: How I Vet Early-Stage Startups for Critical Security Programs

Aug 20, 2025

No items found.

Detect End-of-Life (EOL) Software in Containers with Endor Labs

Blog

Detect End-of-Life (EOL) Software in Containers with Endor Labs

Aug 13, 2025

AI/ML

First Party Code

Security

The Most Common Security Vulnerabilities in AI-Generated Code

Blog

The Most Common Security Vulnerabilities in AI-Generated Code

Aug 12, 2025

AI/ML

First Party Code

Security

The Last Mile of AI Productivity Is Code Review

Blog

The Last Mile of AI Productivity Is Code Review

Aug 11, 2025

Security

SCA

AI/ML

Fireside Chat: CISOs on AI, Shift Left, and Building Trust at People.ai and AppLovin

Video

Fireside Chat: CISOs on AI, Shift Left, and Building Trust at People.ai and AppLovin

Aug 7, 2025

Security

SCA

Fireside Chat: Building a High-Trust Product Security Program at Zebra

Video

Fireside Chat: Building a High-Trust Product Security Program at Zebra

Aug 6, 2025

AI/ML

First Party Code

Security

How to Detect LLM Prompt Injection Risks

Blog

How to Detect LLM Prompt Injection Risks

Aug 6, 2025

AI/ML

Open Source

Security

Why Your AI Code Assistant Might Be Shipping CVEs

Blog

Why Your AI Code Assistant Might Be Shipping CVEs

Aug 5, 2025

AI/ML

Security

First Party Code

Anti-Pattern Avoidance: A Simple Prompt Pattern for Safer AI-Generated Code

Blog

Anti-Pattern Avoidance: A Simple Prompt Pattern for Safer AI-Generated Code

Aug 5, 2025

AI/ML

News

First Party Code

Endor Labs now integrates with GitHub Copilot in VS Code

Blog

Endor Labs now integrates with GitHub Copilot in VS Code

Jul 31, 2025

AI/ML

First Party Code

Security

Securing AI Coding Assistants: A Total Cost Analysis

Blog

Securing AI Coding Assistants: A Total Cost Analysis

Jul 30, 2025

News

Endor Labs Now Available on Google Cloud Marketplace

Blog

Endor Labs Now Available on Google Cloud Marketplace

Jul 29, 2025

...

2 / 13

Sorry, no results matching your search.

Want to stay in the loop?

Sign up for our newsletter.

Email

Welcome to the resistance

Oops! Something went wrong while submitting the form.

Home Pricing Contact Us

Company

LEARN

Blog Documentation eBook / Reports Events LeanAppSec Solution Brief Video

Tools

TEI Calculator Risk Explorer

Why Us?

vs. Snyk vs. Traditional SCA vs. Runtime SCA

Products

Endor Labs Supply Chain

Endor Open Source

Use Cases

Secrets Detection Secrets Detection

AI-Native Static Application Security Testing (SAST)AI-Native Static Application Security Testing (SAST)

Malware Package Detection Malware Package Detection

Code Scanning Code Scanning

AI Code Governance AI Code Governance

Upgrades & Remediation Upgrades & Remediation

SBOM Ingestion SBOM Ingestion

AI Apps AI Apps

Bazel Monorepos Bazel Monorepos

Digital Operational Resilience Act (DORA)Digital Operational Resilience Act (DORA)

PCI DSS PCI DSS

Container Scanning Container Scanning

GitHub Actions GitHub Actions

CI/CD Discovery CI/CD Discovery

Artifact Signing Artifact Signing

Compliance & SBOM Compliance & SBOM

SCA with Reachability SCA with Reachability

Integrations

VS Code / GitHub Copilot VS Code / GitHub Copilot

Microsoft Defender for Cloud Microsoft Defender for Cloud

Bitbucket Bitbucket

.NET (C#).NET (C#)

TypeScript TypeScript

JavaScript JavaScript

Jenkins Jenkins

CircleCI CircleCI

© 2025 Endor Labs. All rights reserved.

Legal and Privacy Trust and Security

All names, logos, and brands of third parties listed on our site are trademarks of their respective owners. Endor Labs and its products and services are not endorsed by, sponsored by, or affiliated with these third parties. Our use of these names, logos, and brands is for identification purposes only, and does not imply any such endorsement, sponsorship, or affiliation.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.