Developers may spend less time addressing security issues and more time advancing their development through secure code reuse thanks to a solution from category-defining entrepreneurs and internationally known experts.
Endor Labs today launched the business with a Dependency Lifecycle Management Platform that enables development and security teams to safely evaluate, maintain, and update dependencies in order to maximise the use of software.
The typical organisation has more than 40,000 open source dependencies that developers have downloaded directly. As a result of the average 77 additional (transitive) dependencies that each of these dependencies might generate, there is a large, unmanageable sprawl that slows down development and expands the attack surface in numerous dimensions.
The technology from Endor Labs gives security and development teams a completely new view of how dependencies are used throughout their company. Furthermore, Endor Labs discovers potential security and operational concerns in addition to known vulnerabilities by conducting deep analytics on each OSS dependency.
Endor Labs assists clients in making smarter dependency choices, securing, maintaining, and monitoring them at scale, as well as responding rapidly to incidents like Log4j. Customers may accurately produce and evaluate SBOMs and have a single source of truth for their whole software inventory by having a thorough grasp of their dependency graph.
Reusing software within the organisation is made simpler than ever thanks to our lifecycle approach to dependency management. The result is dramatically lower supply chain risk and higher productivity for the development and security teams.
“Eighty percent of the code in modern applications is code your developers didn’t write but depend on through open source packages. When our founding team was leading the Prisma Cloud engineering group at Palo Alto Networks, we realized the true magnitude of this issue,” said co-founder and CEO Varun Badhwar. “Having previously created the Cloud Security Posture Management (CSPM) category, this team knows how to take on next generation threats. Our mission now is to enable OSS to live up to its true potential without introducing unnecessary risk. It’s exciting to once again take a new approach to the market, and we believe these solutions will radically enhance application development everywhere.”