Endor Labs has officially come out of stealth, launching the company with a Dependency Lifecycle Management Platform that is intended to help development and security teams maximize software reuse by evaluating, maintaining, and updating dependencies.
The Endor Labs platform helps organizations manage their dependencies by offering them a deeper understanding of how they are being used across the company.
Additionally, by performing deep analytics on each OSS dependency, Endor Labs works to discover potential security and operational threats beyond just the known vulnerabilities.
With Endor Labs, users can select better dependencies; secure, monitor and maintain them at scale; and quickly respond to incidents such as Log4j, allowing them to generate and analyze accurate SBOMs as well as have a single source of truth for their whole software inventory.
“Eighty percent of the code in modern applications is code your developers didn’t write but depend on through open source packages. When our founding team was leading the Prisma Cloud engineering group at Palo Alto Networks, we realized the true magnitude of this issue,” said Varun Badhwar, co-founder and CEO of Endor Labs. “Having previously created the Cloud Security Posture Management (CSPM) category, this team knows how to take on next generation threats. Our mission now is to enable OSS to live up to its true potential without introducing unnecessary risk. It’s exciting to once again take a new approach to the market, and we believe these solutions will radically enhance application development everywhere.”
According to the company, the lifecycle approach to dependency management makes it simpler to reuse software across an organization, resulting in increased productivity for development and security teams as well as a reduced supply chain risk.
To learn more, read the blog.