Dependency Lifecycle Management Platform Address Weakest Link in Supply Chain Security

This cloud security posture management solution enables users to take on next-generation threats.

Stock Smart Logistics
Getty Images

Endor Labs launched the Dependency Lifecycle Management Platform, designed to address the weakest link in the software supply chain security.

“Eighty percent of the code in modern applications is code your developers didn’t write but depend on through open source packages. When our founding team was leading the Prisma Cloud engineering group at Palo Alto Networks, we realized the true magnitude of this issue,” says co-founder and CEO Varun Badhwar. “Having previously created the cloud security posture management (CSPM) category, this team knows how to take on next generation threats. Our mission now is to enable OSS to live up to its true potential without introducing unnecessary risk. It’s exciting to once again take a new approach to the market, and we believe these solutions will radically enhance application development everywhere.”


From Endor Labs:

  • Benefits of the lifecycle approach enable users to reduce the overall amount of dependencies with a better selection process, go beyond known vulnerabilities and measure security and operational risk across the software supply chain, quickly respond to vulnerable or malicious packages by pinpointing where and how code is being used and get a comprehensive view of software components, where and how they’re being used.