Endor Labs That Brings Security To AI-Generated Software Receives Funding

AI is no longer just helping developers; it’s becoming one. From suggesting lines of code to generating entire applications, AI agents are quietly transforming the way software is created. They are changing the rules of the game, making coding faster, more accessible, and, frankly, a little weirder.

While open-source contributions powered 80% of the world’s software until recently, the developer ecosystem is on the cusp of an era where AI could be responsible for generating a similar proportion of code. This fundamental shift in software development is not a distant prospect; it is already underway, redefining the processes involved in building, deploying, and scaling code.

The Shift in Code Creation

The rise of “vibe coding” signifies a growing trend where developers heavily depend on AI assistants, frequently implementing their suggestions with minimal changes. This significantly speeds up the development process but simultaneously creates novel security vulnerabilities.

The 2024 DORA Report indicates that 75% of developers are utilizing AI coding assistants such as GitHub Copilot and Cursor. GitHub estimates that AI-generated code already constitutes up to 40% of today’s code, and this percentage is rapidly increasing.

This is where Endor Labs assists teams in accelerating the identification, prioritization, and resolution of critical vulnerabilities while these AI models are significantly contributing to the coding ecosystem.

The company initially focused on assisting businesses with the security of their open-source package dependencies. To expand its developer pipeline governance service, the company also secured a $70 million Series A funding round two years prior.

Endor utilizes an agentic AI framework and deep understanding of the open-source code used to train modern AI models for its functionality.

The startup’s co-founder, Varun Badhwar, stated, “As AI adoption hit an inflection point, we were ready with the world’s most comprehensive security dataset and a platform purpose-built for the next decade of software development.”

Security for an AI-Native World

The platform is an advanced graph that maps the application’s entire architecture, enriched by vulnerability data, language call graphs, and embeddings from over 4.5 million open-source projects. These agents don’t just scan; they understand. They know how a vulnerable function is actually used, whether a dependency update will break the app, and how to suggest safer alternatives. It’s security analysis infused directly into the developer workflow, right where it’s needed.

AI-generated code often draws from open source, so Endor’s deep expertise in OSS security matters more than ever. Their system performs over 150 distinct checks across millions of libraries, maintains annotated vulnerabilities at the line level, and even identifies reused code transformed by AI no matter how cleverly it’s refactored. That depth enables a new class of security intelligence, one that’s proactive, contextual, and developer-friendly.

As both the founders, Badhwar and Dimitri Stiliadis, realized that the problem is real and that the customers need them to accelerate their services, Endor Labs announced their successful close of a $93 million Series B round led by DFJ Growth, with participation from Salesforce Ventures, Lightspeed Venture Partners, Coatue, Dell Technologies Capital, Section 32, and Citi Ventures.

In an interview with TechCrunch, Badhwar said that the round values Endor at “orders of magnitude higher” than its Series A valuation. 

Over the past year and a half, Endor Labs has achieved a 30-fold increase in Annual Recurring Revenue (ARR) and maintains a strong Net Revenue Retention rate of 166%.

Trusted by innovative companies like OpenAI, Rubrik, People.ai, Observe.ai, and Mysten Labs, the platform secures over 5 million applications and conducts more than a million weekly scans for its users.