Featured resources
Improve Kubernetes Security with Signed Artifacts and Admission Controllers
AppSec Goes to Devnexus: Lessons from a Thriving, Modern Java Community
Artifact Signing 101 - On-Demand Webinar
XZ Backdoor: How to Prepare for the Next One
XZ is A Wake Up Call For Software Security: Here's Why
SSDF Compliance and Attestation
You Have a Shadow Pipeline Problem
Remediating Vulnerabilities vs. Maintaining Current Dependencies
Signing Your Artifacts For Security, Quality, and Compliance
Detect Malicious Packages Among Your Open Source Dependencies
Introducing CI/CD Security with Endor Labs
How to Improve SCA in GitHub Advanced Security - Tutorial
How to Ingest and Manage SBOMs - Tutorial
VMware Achieves SBOM Compliance for Over 100 Services with Endor Labs
How to Generate SBOM and VEX - Tutorial
How to Use AI for Open Source Selection - Tutorial
MileIQ Securely Reimagines a Decade Old Product with Endor Labs
How CycloneDX VEX Makes Your SBOM Useful
How to Scan and Prioritize Valid Secrets - Tutorial
SBOM Requirements for Medical Devices
CISA and NCSC's Take on Secure AI Development
Open Source Security 101: How to Evaluate Your Open Source Security Posture
How to Prioritize Reachable Open Source Software (OSS) Vulnerabilities - Tutorial
Open Source Security for Python and AI Apps
How To Evaluate Secret Detection Tools
5 Federal Software Supply Chain Requirements You Should Be Aware Of
Understanding Python Manifest Files
Combining EPSS and Reachability Analysis to Optimize Vulnerability Management
The Open Source Security Index Top 5
Endor Labs & GitHub Advanced Security: AppSec Without The Productivity Tax
Key Questions for Your SBOM Program
State of Dependency Management 2023
Visualizing the Impact of Call Graphs on Open Source Security
How Security and Engineering Can Scale Open Source Security - Webinar
Endor Labs is SOC 2 Type II Certified!
Reviewing Malware with LLMs: OpenAI vs. Vertex AI
Make Developers' Lives Easier with Endor Labs & GitHub Advanced Security
Announcing the Endor Labs Hyperdrive Program for Resellers and Solution Providers
OWASP Top 10 Risks for Open Source
How to Quickly Measure SBOM Accuracy for Maven Projects (for Free)
Endor Labs is SOC2 Certified!
SBOM vs. SBOM: Comparing SBOMs from Different Tools and Lifecycle Stages
What Breaking Changes Teach Us about Security
Open Source Licensing Simplified: A Comparative Overview of Popular Licenses
What is VEX and Why Should I Care?
State of Dependency Management 2022
Why We Need Static Analysis When Prioritizing Vulnerabilities - Webinar
The Government's Role in Maintaining Open Source Security
Endor Labs Launches with $25M Seed Financing to Tackle Massive Sprawl of Open Source Software (OSS)
SBOMs are Just a Means to an End
Introducing the OpenSSF Scorecard API
How to Get the Most out of GitHub API Rate Limits
How Zero Trust Principles Can Accelerate Enterprise Adoption of OSS
CSRB Log4j Report - The Response is as Dangerous as the Vulnerability
Polyrepo vs. Monorepo - How Does it Impact Dependency Management?