Jellyfish, the top engineering management platform, made the switch from Snyk to Endor Labs to better handle open source risk identification, prioritization, and prediction. It's been awesome working with the Jellyfish team on this. Huge shoutout to James Kirk, Head of Security and Privacy at Jellyfish and Josiah Bruner, Sr Security Engineer at Jellyfish for sharing their experience with Endor Labs! Dive into the full story here: https://lnkd.in/g9MbdYwt #AppSec #SCA #Security
Endor Labs
Softwareontwikkeling
Palo Alto, California 7.511 volgers
Secure everything your code depends on.
Over ons
80% of code in modern applications is code your developers didn’t write, but “borrowed” from the internet. With over 3M Open Source Software (OSS) projects, 43M versions, and 3.1T downloads yearly, development teams can gain tremendous benefits from leveraging the OSS ecosystem, as long as organizations invest in the tooling to address the security, scalability and sustainability challenges that come with it. At Endor Labs, we've created the first open source dependency lifecycle management platform to help OSS consumers select, secure and maintain dependencies effectively.
- Website
-
https://www.endorlabs.com/
Externe link voor Endor Labs
- Branche
- Softwareontwikkeling
- Bedrijfsgrootte
- 51 - 200 medewerkers
- Hoofdkantoor
- Palo Alto, California
- Type
- Particuliere onderneming
- Opgericht
- 2021
Locaties
-
Primair
125 University Ave
Ste 88
Palo Alto, California 94301, US
-
Amsterdam, NL
Medewerkers van Endor Labs
Updates
-
Endor Labs heeft dit gerepost
A huge thanks to the San Francisco Chapter of Cloud Security Alliance (CSA) and Endor Labs in Palo Alto, especially Brent Ichien and Jamie S., for hosting and inviting me to speak on the security essentials for generative AI. Also thanks to Kim Lennan and SANS Institute for sponsoring the post-event social! The meeting was chock-full of great security professionals from the Bay Area, and the ensuing conversations at the social afterward were fantastic. It's always inspiring to connect with such a dedicated and knowledgeable community. Thank you all for a wonderful event!
-
-
No surprises here, but Dan deBeaubien and Jamie S. crushed it last evening at the Cloud Security Alliance SF chapter in-person meetup! 🎉 Shoutout to everyone who participated and made the session so lively.
-
-
Do you use GitHub? Join Leonardo Quimbaya, Principal Field Security Specialist, Code Scanning at GitHub and Matt Brown, Solutions Architect at Endor Labs tomorrow at 10 a.m. PT as they dive into how dev teams can set up efficient, automated processes to deliver software and cut down 80% of the security noise that wastes devs' time. Register here: https://lnkd.in/e7NxSWgd
-
-
SCA tools produce a lot of noise. When there’s too much SCA noise, devs stop trusting the tool (𝘢𝘯𝘥 𝘵𝘩𝘦 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘵𝘦𝘢𝘮), and issues don’t get fixed. So, what should you look for in an SCA tool that helps you earn your devs' trust? 𝐏𝐫𝐨 𝐭𝐢𝐩: Ask your SCA vendor how their reachability analysis works. Find a tool that can identify which parts of a package are vulnerable and if they affect your code. Plus, it should offer other contextual filtering, like whether the dependency is in production, if there’s a fix available, and how exploitable the vulnerability is. More questions to ask your software composition analysis vendor here: https://hubs.ly/Q02HkQtX0 #SCA #OWASP #OSS #AppSec
-
Will we see you this evening? Join us at our Palo Alto HQ today at 5:30 p.m. for the in person Cloud Security Alliance - SF chapter meet-up. Register here: https://lnkd.in/gE3wE2wr Jamie S. | Dan deBeaubien | Brent Ichien
Join us at the Cloud Security Alliance - SF Chapter meet-up on Tuesday, July 23rd at 5:30 PM at the Endor Labs HQ in Downtown Palo Alto! Network over food and drinks while enjoying talks by experts from the SANS Institute and Endor Labs. Dan deBeaubien will discuss Generative AI, Business Risk, and Opportunities, and Jamie S. will talk about- The SCA Balancing Act: Understanding Tradeoffs, What to Do and Avoid. We look forward to seeing you there! Find the RSVP link in the comments below 👇
-
-
𝐖𝐡𝐚𝐭 𝐢𝐬 𝐚 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐢𝐩𝐞𝐥𝐢𝐧𝐞? 👉 In simple words, It is the tactic for improving your security processes. It's all about creating a repeatable pattern that helps you boost your security maturity over time. While small scale agile organizations can do without security pipelines, larger organizations who have to consider compliance can largely benefit from them. Here’s what Kayra Otaner, Director of DevSecOps at Roche has to say about the importance of security pipelines for larger DevSecOps teams. More from this discussion in our on-demand webinar: https://hubs.ly/Q02HkDt50 #AppSec #DevSecOps #securitypipeline
-
When chatting with prospective SCA vendors, be sure to ask: What languages does the SCA tool support? Limiting support to just a few languages can leave some big gaps. Make sure the tool covers both current and emerging languages. And if they don’t support your critical languages, find out their roadmap and process for adding new languages. 𝐏𝐫𝐨 𝐓𝐢𝐩: Ask if they support up-and-coming languages like Rust. If they do, it's a great sign that the vendor is proactive and committed to staying ahead of the curve. 𝐁𝐨𝐧𝐮𝐬 𝐪𝐮𝐞𝐬𝐭𝐢𝐨𝐧: Does the tool support reachability for my languages? ** Language support for an SCA tool doesn’t guarantee reachability analysis for that language! **
Deze content is hier niet beschikbaar
Open deze content en meer in de LinkedIn-app
-
Endor Labs heeft dit gerepost
Our partnership with Endor Labs empowers seamless management, prioritization, and remediation of supply chain risks. Here's a breakdown of how we integrate to streamline your software supply chain security... https://lnkd.in/gYrDKU9H #integrationpartners #softwaresupplychain #shipsecurecode
-
-
Will you be at #BlackHat this year? Endor Labs will host several exclusive events for executives throughout the week at Black Hat 2024. If you are around that week we’d love for you to join us. Space is limited, so fill out the form below and save your spot! https://hubs.ly/Q02Gt7b_0 #BlackHat24 #LasVegas #AppSec
-