Endor Labs Launches with $25 Million Seed Financing to Tackle Massive Sprawl of Open Source Software (OSS)

Solution from category-defining entrepreneurs and world-renowned experts helps developers spend less time dealing with security issues, more time accelerating their development through safe code reuse

Endor Labs officially came out of stealth , launching the company with a Dependency Lifecycle Management Platform that helps development and security teams maximize software reuse by safely evaluating, maintaining, and updating dependencies.

Browse The Complete News About AI : Anari AI Launches Thor X to Enhance Cloud-based 3D Applications

Endor Labs officially launched out of stealth today with $25m VC funding and a Dependency Lifecycle Management Platform that’s foundational for supply chain security, enabling development and security teams to maximize software reuse safely and at scale.

The average enterprise has more than 40,000 open source dependencies directly downloaded by developers. Each of those dependencies can bring in on average 77 other (transitive) dependencies creating a massive, uncontrollable sprawl that slows down development and increases the attack surface across multiple dimensions.

The existing environment doesn’t have adequate solutions to deal with this problem. For example, Software Composition Analysis (SCA) tools lack context on how developers are using the dependencies. As a result, they drown developers with endless false positives, and miss the ability to influence better OSS selection, prioritize remediation or detect malicious dependencies.

“Eighty percent of the code in modern applications is code your developers didn’t write but depend on through open source packages. When our founding team was leading the Prisma Cloud engineering group at Palo Alto Networks, we realized the true magnitude of this issue,” said co-founder and CEO Varun Badhwar. “Having previously created the Cloud Security Posture Management (CSPM) category, this team knows how to take on next generation threats. Our mission now is to enable OSS to live up to its true potential without introducing unnecessary risk. It’s exciting to once again take a new approach to the market, and we believe these solutions will radically enhance application development everywhere.”

AI ML in Marketing: AI and Big Data Analysis Used to Find Brands’ Emotional Connection

Endor Labs’ platform provides security and development teams with an unprecedented understanding of how dependencies are being used across their organization. Furthermore, by performing deep analytics on each OSS dependency, Endor Labs uncovers potential security and operational risks beyond just known vulnerabilities. Endor Labs helps customers select better dependencies; secure, monitor and maintain them at scale; and quickly respond to incidents like Log4j. Having a full understanding of their dependency graph also lets customers generate and analyze accurate SBOMs and have a single source of truth for their entire software inventory.

This lifecycle approach to dependency management means it becomes easier than ever to reuse software across the org. The result is increased productivity for development and security teams, and significantly reduced supply chain risk.

“Dependency Lifecycle Management is going to be absolutely foundational for supply chain and open source security,” said Rachit Lohani, SVP and chief technology officer of Paylocity. “With Dependency Lifecycle Management, Endor Labs is setting an entirely new standard by which organizations can prioritize and zero in on the most significant security and operational issues that have the tendency to slow down application development.”