Endor Labs has announced a major expansion of its application security (AppSec) platform, designed for the rise of AI-generated code.
The company, which claims to be the fastest-growing AppSec firm, is leveraging a comprehensive security dataset to power its platform, enabling it to prioritise and remediate risks and even automatically apply fixes.
Endor Labs’ platform uses agentic AI and analysis of 4.5 million open-source projects and AI models, mapping over 150 risk factors. This powers AI agents that operate within the software development lifecycle, going beyond simple alerts.
The company has also announced a US$93 million Series B funding round, led by DFJ Growth.
Endor Labs is launching its first capabilities built on this platform, including AI Security Code Review. The feature uses multiple AI agents to review pull requests for architectural changes that could impact security, such as the addition of vulnerable AI systems, modifications to authentication and changes to data handling.
The aim is to highlight high-risk changes, reduce false positives and allow security engineers to focus on critical issues.
“We’re looking for better ways to scale how we identify business logic risks and unknown unknowns in our codebase,” said Mark Breitenbach, Security Engineer at Dropbox.
“Traditional static analysis tools haven’t really given us the lift we need. Being able to detect risks that we’d otherwise miss manually or through traditional automation is hugely valuable.”