Join us on September 12th, 5:30 pm - 8:00 pm PT, at the Endor Labs HQ in Palo Alto for the Bay Area #Bazel Meet-up!. Learn how to make your monorepo scanning more efficient and how to customize BUILD files using #Starlark Gazelle Extensions.

Endor Labs can help you: .✅ Pinpoint every dependency down to the function level. ✅ Back your decisions with solid vulnerability data. ✅ Focus on fixes that actually matter to YOUR app, backed by data.

Endor Labs can help you achieve PCI DSS and FedRAMP compliance at a lower cost, both through prioritization and through helping you achieve SLSA build levels that meet key SSDF requirements. More here:.. #AppSec #SLSA #PCIDSS #FedRamp

Join David Archer, Henrik Plate and Joseph Hejderup this Thursday, August 22nd for - 𝐌𝐚𝐬𝐭𝐞𝐫𝐢𝐧𝐠 𝐎𝐒𝐒 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲: 𝐕𝐚𝐥𝐢𝐝𝐚𝐭𝐢𝐧𝐠 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬 𝐰𝐢𝐭𝐡 𝐂𝐨𝐝𝐞-𝐋𝐞𝐯𝐞𝐥 𝐑𝐞𝐚𝐜𝐡𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐀𝐧𝐚𝐥𝐲𝐬𝐢𝐬.

What did one function say to the other just before an upgrade? .We used to be compatible… now you don’t even return my calls. Learn how to avoid those breaking changes and awkward conversations! Register here:.. #AppSec #SCA #breakingchanges #webinar

Thank you Beth Pariseau for highlighting the value of our new product announcement around upgrades and remediation, and Pathik Patel for sharing some of your views and experiences using our product. #AppSec #SCA #FedRamp

🔊 Three more days and we're heading out to BlackHat! . 🤓 Will we see you there?

“You want to make sure that engineers are doing actual security work and not busy work. It’s the worst when you give them a ticket and there’s no fix available”. - Jeevan Singh, Director Security Engineer, Rippling

If you're searching for a new SCA tool or considering replacing your current one, make sure to ask your vendor: 𝘏𝘰𝘸 𝘳𝘰𝘣𝘶𝘴𝘵 𝘢𝘳𝘦 𝘺𝘰𝘶𝘳 𝘪𝘯𝘵𝘦𝘨𝘳𝘢𝘵𝘪𝘰𝘯𝘴 𝘢𝘯𝘥 𝘈𝘗𝘐𝘴?

SCA tools produce a lot of noise. When there’s too much SCA noise, devs stop trusting the tool (𝘢𝘯𝘥 𝘵𝘩𝘦 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘵𝘦𝘢𝘮), and issues don’t get fixed. 𝐏𝐫𝐨 𝐭𝐢𝐩: Ask your SCA vendor how their reachability analysis works.

𝐖𝐡𝐚𝐭 𝐢𝐬 𝐚 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐩𝐢𝐩𝐞𝐥𝐢𝐧𝐞?. 👉 In simple words, It is the tactic for improving your security processes. It's all about creating a repeatable pattern that helps you boost your security maturity over time. More from Kayra Otaner, Director DevSecOps, Roche

Will you be at #BlackHat this year?. Endor Labs will host several exclusive events throughout the week at Black Hat 2024. If you are around that week we’d love for you to join us. Fill out the form below and save your spot!. #BlackHat24 #LasVegas #AppSec

Join us for a chat tomorrow, Wednesday, July 17, at 9:00 a.m. PT. . #AppSec #SecurityPipeline

Join us in celebrating our new Ewoks who joined us in June!. Oh. and we're still hiring. Will you be employee #100??? . #hiring #careers #marketingjobs #salesjobs #productjobs #engineeringjobs

With the Endor Labs plugin for #Backstage, users can get a comprehensive scorecard of all supply chain risks associated with your projects. Learn more:

The #DevSecOpsConnectVirtual is next week, and our friend Chris Hughes will be talking about 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 𝐢𝐧 𝐭𝐡𝐞 𝐀𝐠𝐞 𝐨𝐟 𝐀𝐈 𝐚𝐧𝐝 𝐎𝐒𝐒. Register for free:

📣 𝐄𝐧𝐝𝐨𝐫 𝐋𝐚𝐛𝐬 𝐧𝐨𝐰 𝐨𝐟𝐟𝐞𝐫𝐬 𝐜𝐨𝐧𝐭𝐚𝐢𝐧𝐞𝐫 𝐬𝐜𝐚𝐧𝐧𝐢𝐧𝐠! 📣 . Get more efficient and effective by consolidating your SCA with container scanning (and more!) >>> Learn more:.

RT @PaulJorg: @owasplisboa continues with @jhejderup on packages

An Endor Labs artifact signature gives you access to the dependency graph, risks, vulnerabilities, and other data, as well as a bridge to the specific git ref used to create that version. Learn more:

Porto 🇵🇹. Fresh off his PhD defense, @jhejderup is taking on @owaspporto meet up scene tonight 🎉. 📆May 29th at 6 PM.RSVP to secure your spot ✉️