GitHub Actions are open source dependencies - secure them accordingly! Learn how to effectively manage the security risks associated with GitHub Actions with a proactive approach focusing on three key areas: visibility, hardening, and dependency management.
Click to read
Solution from category-defining entrepreneurs and world-renowned experts helps developers spend less time dealing with security issues, more time accelerating their development through safe code reuse.
Click to read
At Endor Labs, we continue evaluating the use of large language models (LLMs) for all kinds of use-cases related to application security. And we continue to be amazed about high-quality responses … until we’re amused about the next laughably wrong answer.
Click to read
What’s the best of the best when it comes to open source security tools?We’ve previously talked about the OpenSSF Scorecard, which gives developers a high-level snapshot of the security of any given open source project. But in this post, we’ll talk about a related project, the Open Source Security Index (OSSI), which does something slightly different and complementary.
Click to read
Experiments with GPT-3.5 suggest that LLM-based malware reviews can complement, but not yet substitute human reviews. 1800 binary classifications performed with GPT-3.5 included false-positives and false-negatives.
Click to read
Comprehensive SCA with 92% less noise
Evaluate and score open source libraries
Fix what's what's easy, magically patch what's hard
Shift left and scan containers at build time
Trust what you ship, from code to run
Create, manage, and analyze first and third-party SBOMs
GitHub Actions are open source dependencies - secure them accordingly! Learn how to effectively manage the security risks associated with GitHub Actions with a proactive approach focusing on three key areas: visibility, hardening, and dependency management.
Click to read
Solution from category-defining entrepreneurs and world-renowned experts helps developers spend less time dealing with security issues, more time accelerating their development through safe code reuse.
Click to read
At Endor Labs, we continue evaluating the use of large language models (LLMs) for all kinds of use-cases related to application security. And we continue to be amazed about high-quality responses … until we’re amused about the next laughably wrong answer.
Click to read
What’s the best of the best when it comes to open source security tools?We’ve previously talked about the OpenSSF Scorecard, which gives developers a high-level snapshot of the security of any given open source project. But in this post, we’ll talk about a related project, the Open Source Security Index (OSSI), which does something slightly different and complementary.
Click to read
Experiments with GPT-3.5 suggest that LLM-based malware reviews can complement, but not yet substitute human reviews. 1800 binary classifications performed with GPT-3.5 included false-positives and false-negatives.
Click to read
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.