In today's hyper-connected world, where AI and open-source software are the foundation for much of the enterprise application stack, ensuring secure development environments has never been more critical. Endor Labs is reimagining how organizations safeguard their software in an era being overtaken by AI-generated code while also redefining application security (AppSec) from the ground up. That’s why we are thrilled to lead the $93 million Series B financing for Endor as they lead the way into this new era.
As AI-generated code floods the enterprise and open-source sprawl accelerates, Endor has built exactly what modern security teams need: a smart, streamlined AppSec control plane that brings clarity and speed to a traditionally chaotic ecosystem. We’re proud to partner with Founders Varun Badhwar and Dimitri Stiliadis – industry veterans with a rare mix of deep technical expertise and proven leadership to tackle today's most pressing challenges. Their impressive track records set them apart, positioning Endor to not just meet this moment but to shape the future of secure AI software development.
The Modern Application Security Minefield
Not long ago, companies wrote all their own code from scratch. Today, open source has grown to comprise over 80% of modern codebases—written by people you’ve never met, for purposes that may not match your own. Layer on top a mix of tools, libraries, and rapid development cycles, and software engineers often find themselves navigating what’s known as “dependency hell.” The result is a tangled web of potential security risks buried deep in the codebase. For instance, a single application might contain thousands of security vulnerabilities—unintentionally and unknowingly embedded in various components of third-party code.
Transforming the Security Paradigm
Most security tools flag a host of issues but fail to expose what actually matters. Endor flips the script. Rather than relying on outdated methods, Endor has meticulously mapped over 4.5 million open-source projects to provide real-time insights into their integration with customer code. This innovative approach allows Endor to identify vulnerabilities missed by legacy tools and, more importantly, to apply its proprietary Reachability Analysis to prioritize only the vulnerabilities that are truly exploitable and help remediate them efficiently. In a nutshell, Endor’s innovative capabilities help customers “Find More, Fix Less, and Fix Fast.”
Endor’s value proposition targets a reduction in security alerts by an astounding 92% while making remediation 6x faster. Developers receive contextualized guides and one-click patches for swift, hassle-free fixes, so they’re not bogged down by dependency challenges.
Purpose Built for the AI Revolution
AI is changing how code gets written. As generative AI transforms coding practices, developers generate vast amounts of code without thorough quality control. This is where traditional application security tools falter. The increasing reliance on AI-generated code further complicates the challenge for AppSec teams. Endor embraces this shift, leveraging its Reachability Analysis to pinpoint risky AI-generated code and optimize remediation strategies.
Endor doesn’t stop there. Its platform doesn’t just identify risky AI-created code – it also uses AI to review every pull request. Its latest innovation, the agentic AI Code Security Review, unleashes a team of expert agents, autonomously playing the roles of developer, architect, and security engineer, to analyze and catch issues outside the scope of legacy application security tools. It's like having an elite security team working 24/7, catching even the most elusive vulnerabilities.
Visionaries at the Helm Driving Industry Change
At DFJ Growth, we look for exceptional entrepreneurs with bold ideas to uniquely solve complex problems. Varun Badhwar (previously co-founder of RedLock and CipherCloud and founding GM/SVP at Prisma Cloud) and Dimitri (previously co-founder of Aporeto and Nuage Networks) bring unparalleled expertise in building and scaling impactful security companies from the ground up. When we saw their innovative technology, the depth of their dataset, and early traction with customers like OpenAI and Rubrik, it was clear: Endor has all the makings of an emerging leader in a large market.
Join the Security Movement
Endor Labs isn’t just setting a new standard in application security — it is changing the way we think about it. It gives developers and security teams a faster, smarter way to ship secure code in an AI-powered world. We are excited to partner with Varun, Dimitri, and the entire Endor team on their mission to achieve a brighter, more secure future of software.