PALO ALTO, Calif.--(BUSINESS WIRE)--Endor Labs is proud to announce a strategic investment from members of the Silicon Valley CISO Investments (SVCI) group, an angel syndicate powered by GGV Capital, a $9.2B global multi-stage VC firm, and one of the most highly regarded investment collectives in tech security. The investment followed a rigorous review of startups in the supply chain and open source security space. Security executives from Robert Half, Ross Stores, Chime, Adobe, BlackHawk, ICE, HashiCorp, Flexport and more, have all chosen to take a personal stake in the new company.
“Endor Labs is tackling one of the most painful problems security and engineering teams face today: How do you accelerate development with open source software without exposing yourself to risk? This company features a world-class team of engineers and executives who have developed a unique approach with truly innovative technology, and the strong response from our members validates that they’re on to something big. We’re excited for our partnership!” — Oren Yunger, Partner at GGV Capital
Endor Labs’ Dependency Lifecycle Management Platform is designed to address the weakest link in software supply chain security: the ungoverned sprawl of open source software in the enterprise. Endor Labs’ mission is to help developers spend less time dealing with security issues and more time accelerating development through safe code reuse.
With this solution, development and security teams are able to maximize software reuse by safely evaluating, maintaining, and updating dependencies at scale. Endor Labs goes beyond traditional methods of metadata and vulnerability scanning by using program analysis and call graphs to gain a deeper understanding of how dependencies are being used across the organization. This level of static analysis enables organizations to prioritize reachable and exploitable vulnerabilities. The ingestion and cross-referencing of call graph and SBOM data, along with CI/CD insights, also helps with the detection of risk patterns that would otherwise go unnoticed.
The company, co-founded by CEO Varun Badhwar and CTO Dimitri Stiliadis, has so far raised $25M from Lightspeed Venture Partners, Dell Technologies Capital, and Sierra Ventures, along with the latest endorsement from business leaders in SVCI. These include Nikesh Arora, CEO of Palo Alto Networks; Jay Chaudhary, CEO of Zscaler; Sanjay Beri, CEO of Netskope; Bipul Sinha, CEO of Rubrik; Aparna Bawa, COO of Zoom; and Sri Viswanathan, Former CTO of Atlassian.
“Endor Labs is doing the heavy lifting of bringing decades of academic work on program analysis and call graphs into the real world. This level of insight into how code is actually being used across the organization is going to be a game changer for both security and engineering teams.” — Niall Browne, CISO
"The talent speaks for itself: Endor Labs has attracted top data scientists who’ve been leading the research on dependency management, program analysis, and call graphs. Bringing these concepts to the real world provides an unprecedented level of visibility into how code is being used, and gives engineering teams a productivity boost as they maximize the potential of OSS even while enhancing security." — Roger Hale, CISO, Agora
Silicon Valley CISO Investments (“SVCI”) is a group of Chief Information Security Officers (“CISO”) that operate as an angel investor syndicate. Founded in late 2019 and with three investments to date, SVCI is already successfully pursuing its mission of fueling the next generation of cybersecurity innovation. The group identifies promising startups, invests in them and leverages its members’ unmatched industry expertise to help the companies thrive. The group was co-founded by Oren Yunger, investor with GGV Capital, and former CISO along with Al Ghous from ServiceMax, David Tsao from Marqeta, Harshil Parikh from Medallia, Joel Fulton from Splunk, Jonathan Jaffe from People.ai, Ody Lupescu from Ethos Life, and Ralph Pyne from NextRoll. Learn more at svci.io.
About Endor Labs
Endor Labs helps developers spend less time dealing with security issues and more time accelerating development through safe Open Source Software (OSS) adoption. Our Dependency Lifecycle Management™ Solution helps organizations maximize software reuse by enabling security and development teams to select, secure, and maintain OSS at scale. The Endor Labs engineering team includes some of the world’s leading static analysis experts, including 7 PhDs and senior engineers from Meta, Uber, Amazon, and Microsoft. Endor Labs was founded by industry veterans Varun Badhwar and Dimitri Stiliadis, and is backed by Lightspeed & Dell Technologies Capital, as well as executives at companies like Palo Alto Networks, Zscaler, Zoom, Google, and more.