Endor Labs

Detecting vulnerable code in software dependencies is more complex than it seems

code, code analysis, cybersecurity, Don't miss, Endor Labs, Features, Hot stuff, News, open source, opinion, remediation, SCA, software, vulnerability management /

Detecting vulnerable code in software dependencies is more complex than it seems 2024-09-18 at 07:31 By Mirko Zorz In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within software dependencies. Plate also discusses the limitations of traditional software composition analysis (SCA) solutions […]

React to this headline:

Loading spinner

Detecting vulnerable code in software dependencies is more complex than it seems Read More »

Trends and dangers in open-source software dependencies

cybersecurity, Endor Labs, News, open source, report, survey, vulnerability management /

Trends and dangers in open-source software dependencies 2024-09-16 at 06:01 By Help Net Security A C-suite perspective on potential vulnerabilities within open-source dependencies or software packages reveals that, while remediation costs for dependency risks are perilously high, function-level reachability analysis still offers the best value in this critical area, according to Endor Labs. The research

React to this headline:

Loading spinner

Trends and dangers in open-source software dependencies Read More »

Infosec products of the month: August 2024

Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, News, Nucleus Security, Own, Rapid7, Resecurity, Rezonate, RightCrowd, Stellar, Veza, Wallarm, Wing Security /

Infosec products of the month: August 2024 2024-09-02 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortanix, Fortinet, Guardio, HYCU, Ivanti, McAfee, Nucleus Security, Own,

React to this headline:

Loading spinner

Infosec products of the month: August 2024 Read More »

New infosec products of the week: August 9, 2024

AppOmni, ArmorCode, Cequence Security, Contrast Security, Elastic, Endor Labs, News, Rapid7, Veza /

New infosec products of the week: August 9, 2024 2024-08-09 at 06:01 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, and EndorLabs. Rapid7 releases Command Platform, unified attack defense and response Rapid7 launched its Command Platform,

React to this headline:

Loading spinner

New infosec products of the week: August 9, 2024 Read More »

Endor Labs launches Upgrade Impact Analysis and Magic Patches for SCA market

Endor Labs, Industry news /

Endor Labs launches Upgrade Impact Analysis and Magic Patches for SCA market 2024-08-08 at 12:16 By Industry News Endor Labs unveiled two capabilities, Upgrade Impact Analysis and Endor Magic Patches, that fix an expensive and time-consuming problem in the Software Composition Analysis (SCA) market. Software version upgrades are often required to fix critical vulnerabilities in

React to this headline:

Loading spinner

Endor Labs launches Upgrade Impact Analysis and Magic Patches for SCA market Read More »

Shadow engineering exposed: Addressing the risks of unauthorized engineering practices

Compliance, cyber risk, cybersecurity, Don't miss, Endor Labs, Hot stuff, how-to, News, strategy, tips, Video /

Shadow engineering exposed: Addressing the risks of unauthorized engineering practices 2024-07-09 at 06:31 By Help Net Security Shadow engineering is present in many organizations, and it can lead to security, compliance, and risk challenges. In this Help Net Security video, Darren Meyer, Staff Research Engineer at Endor Labs, discusses why it causes issues and how

React to this headline:

Loading spinner

Shadow engineering exposed: Addressing the risks of unauthorized engineering practices Read More »

New open-source project takeover attacks spotted, stymied

backdoor, CISA, Don't miss, Endor Labs, Hot stuff, News, O'Reilly, open source, OpenJS Foundation, OpenSSF, social engineering, supply chain attacks, tips /

New open-source project takeover attacks spotted, stymied 2024-04-16 at 16:16 By Zeljka Zorz The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious maintainer achieved that coveted position after

React to this headline:

Loading spinner

New open-source project takeover attacks spotted, stymied Read More »

Integrating software supply chain security in DevSecOps CI/CD pipelines

cybersecurity, DevSecOps, Don't miss, Endor Labs, framework, guidelines, Hot stuff, NIST, supply chain, Video /

Integrating software supply chain security in DevSecOps CI/CD pipelines 2024-03-04 at 07:01 By Help Net Security NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides actionable measures to

React to this headline:

Loading spinner

Integrating software supply chain security in DevSecOps CI/CD pipelines Read More »

Be prepared to patch high-severity vulnerability in curl and libcurl

Docker, Don't miss, Endor Labs, Hot stuff, News, open source, patching, Qualys, security update, Sonatype, Synopsys, vulnerability, vulnerability disclosure /

Be prepared to patch high-severity vulnerability in curl and libcurl 10/10/2023 at 12:20 By Zeljka Zorz Details about two vulnerabilities (CVE-2023-38545, CVE-2023-38546) in curl, a foundational and widely used open-source software for data transfer via URLs, are to be released on Wednesday, October 11. Daniel Stenberg, the original author and lead developer, has said that

React to this headline:

Loading spinner

Be prepared to patch high-severity vulnerability in curl and libcurl Read More »

Endor Labs raises $70 million to expand into other areas of code and pipeline security

Endor Labs, Industry news /

Endor Labs raises $70 million to expand into other areas of code and pipeline security 03/08/2023 at 15:01 By Industry News Endor Labs raises $70 million in oversubscribed Series A financing from Lightspeed Venture Partners (LSVP), Coatue, Dell Technologies Capital, Section 32, and over 30 industry-leading CEOs, CISOs, and CTOs. Arif Janmohamed of Lightspeed, Sri

React to this headline:

Loading spinner

Endor Labs raises $70 million to expand into other areas of code and pipeline security Read More »

Software Supply Chain Startup Endor Labs Scores Massive $70M Series A Round

Endor Labs, Funding/M&A, Supply Chain Security, Varun Badhwar /

Software Supply Chain Startup Endor Labs Scores Massive $70M Series A Round 03/08/2023 at 11:04 By Ryan Naraine Endor Labs has closed a massive $70 million Series A round of financing to fuel ambitious plans to build a dependency lifecycle management platform.   The post Software Supply Chain Startup Endor Labs Scores Massive $70M Series A

React to this headline:

Loading spinner

Software Supply Chain Startup Endor Labs Scores Massive $70M Series A Round Read More »

LLMs and AI positioned to dominate the AppSec world

Application Security, cybersecurity, Endor Labs, Malware, News, open source, report, vulnerability /

LLMs and AI positioned to dominate the AppSec world 20/07/2023 at 07:33 By Help Net Security As modern software trends toward distributed architectures, microservices, and extensive use of third-party and open source components, dependency management only gets harder, according to Endor Labs. Application development risks A new research report explores emerging trends that software organizations

React to this headline:

Loading spinner

LLMs and AI positioned to dominate the AppSec world Read More »

Malicious open-source components threatening digital infrastructure

cybersecurity, Don't miss, Endor Labs, Hot stuff, open source, software, threats, Video /

Malicious open-source components threatening digital infrastructure 17/05/2023 at 09:42 By Help Net Security A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source components. In this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses the dual-edged

React to this headline:

Loading spinner

Malicious open-source components threatening digital infrastructure Read More »

Optimized by Optimole
Scroll to Top