Listen to this article
Endor Labs, a startup that offers a platform to manage and secure open source dependencies, has successfully closed a $70 million Series A round. Led by Lightspeed Venture Partners and featuring participation from Coatue, Dell Technologies Capital, Section 32, and various angel investors, the funding comes just 10 months after the company’s launch.
The Growing Importance of Open Source Security
Open source has become an integral part of modern software development, with 97% of applications leveraging open source software. However, this widespread adoption has also led to a growing security threat. Endor Labs estimates that as many as 95% of vulnerabilities are found in transitive dependencies, relationships with other open source code.
Endor’s Mission: Balancing Productivity and Security
Founded in 2021 by Varun Badhwar and Dimitri Stiliadis, Endor Labs aims to solve the challenges of balancing engineering productivity with software supply chain security. The company’s platform surfaces “reachable” and “exploitable” risks in open source code, evolving into a code and software development pipeline governance service.
DroidGPT: AI-Powered Open Source Selection
Endor recently launched “DroidGPT,” an AI tool that assists in open source selection by combining OpenAI’s AI-powered chatbot, ChatGPT, with Endor’s risk data. This innovative approach helps users identify the best packages for their needs, including risk scores that reveal the quality, popularity, trustworthiness, and security of each package.
Monitoring and Governance
Using Endor, companies can monitor the security posture of their development pipelines, manage developer access to code, and oversee the secrets, such as passwords, hardcoded in their codebases. This comprehensive approach ensures robust application security programs.
The Competitive Landscape
While Endor faces competition in the open source security management space, CEO Varun Badhwar asserts that Endor’s approach is unique. He criticizes existing solutions as “largely incomplete and inaccurate,” focusing mainly on licensing and vulnerability compliance. Endor’s approach, on the other hand, addresses a broader range of risks.
Success and Future Plans
Endor has attracted customers within its first two quarters of selling, including Five9, RocketLawyer, MileIQ, Cowbell, and Navan. The company expects to achieve profitability in two years and plans to use the new funding to expand its workforce and deepen its technical capabilities.
Conclusion: Meeting an Urgent Need
Endor Labs’ significant Series A round highlights the urgent need for effective open source security management. As demand for customized applications continues to rise and attacks on infrastructure become more sophisticated, Endor’s unique approach to balancing productivity and security resonates with the market. The new funding will enable the company to go “bigger and broader,” addressing a critical and often neglected problem in the software industry. By focusing on both the risks and the opportunities of open source software, Endor Labs is positioning itself as a leader in a vital category that will continue to gain prominence in the coming years.
Please email us your feedback and news tips at hello(at)superbcrew.com
Activate Social Media:
