Industry-Leading Open Source Software Security Company Recognized for Its Impact on National Security and Enterprise Businesses
Endor Labs, the leader in open source software security, has once again been selected to the prestigious Fortune Cyber 60 list, the second consecutive year it has received this recognition. This distinction highlights Endor Labs’ pivotal role at the forefront of securing the open source software, which contains many of the greatest threats to new application development. These vulnerabilities can subsequently undermine the security of operations in every aspect of modern life, from national defense, business enterprises and consumer activities globally.
“We’re honored to be in the elite company of the Fortune Cyber 60 for the second year in a row, and we see it as more validation of our unique approach to securing open source software,” said Varun Badhwar, CEO and co-founder of Endor Labs. “We believe customers should expect more from software composition analysis tools. So we’re gratified to see both Fortune 500 and emerging cloud native companies embrace Endor Labs as we continue to move the puck forward with reachability analysis, and our latest release, Endor Patches, which lets customers fix critical vulnerabilities without refactoring their applications.”
There’s no question that open source software repositories represent an invaluable resource for developers in every field—this community displays boundless creativity built on global collaboration, and reuse of this code frees developers to focus on creating differentiation in their final products. That’s why it’s estimated that at least 80% of the code in new applications is repurposed open source software. However, this code can contain dozens of ‘transitive’ dependencies, which is where most vulnerabilities are hidden. This has led to so many major breaches that it prompted numerous regulations and directives, including a White House Executive Order on improving the nation’s cybersecurity and the introduction of the Securing Open Source Software Act of 2023.
In this environment, the Endor Labs platform helps identify, prioritize, and remediate all risks in the software development lifecycle without hampering productivity. Organizations can select high-quality code, and instead of responding to the endless stream of alerts, pinpoint the most serious risks and ensure automated remediation. They can eliminate more than 90% of the ‘noise’ associated with false positives, and more easily manage Software Bills of Materials (SBOMs), the list of software components in any given product that’s now a requirement for government contracts.
True to its mission, Endor Labs is extending its work into related areas of software security. The company last year released DroidGPT, which leverages the power of ChatGPT for open source risk management—when developers aren’t sure which package to use, they can simply ask. The company also issues an annual “Dependency Management Report,” one of the few comprehensive research initiatives in this critical area. And just this month, it introduced Endor Scores for AI Models, which ranks the most secure open source AI models currently available on HuggingFace.
“Software supply chain security is a top challenge supporting modern software development because many application security tools focus on the tail end of the process, whereas Endor Labs makes its mark much earlier in the development lifecycle and contributes to the open source community,” said Melinda Marks, practice director, cybersecurity atEnterprise Strategy Group. “The company benefits the entire technological community and empowers developers to safeguard their applications without compromising speed or innovation. By securing open source software components for developers, it can have a strong impact on software supply chain security, which is a high priority across all industries.”