Endor Labs
![shadow egineering](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/07133258/shadow_egineering-400x200.webp)
Shadow engineering exposed: Addressing the risks of unauthorized engineering practices
Shadow engineering is present in many organizations, and it can lead to security, compliance, and risk challenges. In this Help Net Security video, Darren Meyer, Staff …
![open source](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/16103725/open-source_1500-400x200.webp)
New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils …
![supply chain](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/12152237/supply_chain-1400-400x200.jpg)
Integrating software supply chain security in DevSecOps CI/CD pipelines
NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, …
![Curl](https://img.helpnetsecurity.com/wp-content/uploads/2023/10/10083125/curl-logo-400x200.jpg)
Be prepared to patch high-severity vulnerability in curl and libcurl
UPDATE (October 11, 2023, 07:15 a.m. ET): Curl v8.4.0 is out and fixes both CVE-2023-38545, a SOCKS5 heap buffer overflow vulnerability and CVE-2023-38546, a cookie injection …
![HNS](https://img.helpnetsecurity.com/wp-content/uploads/2023/05/10093706/hns-2023-large_logo-400x200.jpg)
Endor Labs raises $70 million to expand into other areas of code and pipeline security
Endor Labs raises $70 million in oversubscribed Series A financing from Lightspeed Venture Partners (LSVP), Coatue, Dell Technologies Capital, Section 32, and over 30 …
![large language models](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/11160742/llms-3-400x200.jpg)
LLMs and AI positioned to dominate the AppSec world
As modern software trends toward distributed architectures, microservices, and extensive use of third-party and open source components, dependency management only gets harder, …
![](https://img.helpnetsecurity.com/wp-content/uploads/2023/05/12142645/open-source_components-400x200.jpg)
Malicious open-source components threatening digital infrastructure
A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source …
![open source](https://img.helpnetsecurity.com/wp-content/uploads/2020/05/13113507/opensource-blue-400x200.jpg)
Research reveals where 95% of open source vulnerabilities lie
New research from Endor Labs offers a view into the rampant but often unmonitored use of existing open-source software in application development and the dangers arising from …
![office building](https://img.helpnetsecurity.com/wp-content/uploads/2021/11/11142945/office_building_1200-400x200.jpg)
Endor Labs emerges from stealth with $25 million to protect software supply chains
Endor Labs officially came out of stealth, launching the company with a Dependency Lifecycle Management Platform that helps development and security teams maximize software …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege