Endor Labs Secures $93M to Combat AI-Generated Code Vulnerabilities

Endor Labs, which builds tools to scan AI-generated code for vulnerabilities, lands $93M | TechCrunch

AI-generated code is no doubt changing how software is built, but it's also introducing new security challenges. More than 50% of organizations encounter security issues with AI-produced code sometimes or frequently, according to a late 2023 survey by developer security platform Synk. For Endor Labs, that opportunity proved alluring enough that it chose to change course somewhat. Endor started off helping companies secure their open-source package dependencies -- in fact, it even raised a $70 million Series A round just two years ago to grow its developer pipeline governance service. But the startup's co-founders Varun Badhwar and Dimitri Stiliadis saw growing demand elsewhere -- spotting and combating vulnerabilities in the growing masses of code that engineers use AI to generate and fine-tune. Today, Endor runs a platform that, it claims, can not only review code and identify risks, but also recommend "precise" fixes and apply them automatically. The company offers a plugin for AI-powered programming tools like Cursor and GitHub Copilot that scans code as it's written and flags issues. The pivot could prove to be a wise choice. On Wednesday, Endor announced that it closed a $93 million Series B round led by DFJ Growth, with participation from Salesforce Ventures, Lightspeed Venture Partners, Coatue, Dell Technologies Capital, Section 32, and Citi Ventures. Badhwar (CEO) said that the round values Endor at "orders of magnitude higher" than its Series A valuation. The proceeds will be used to expand Endor's platform, he added. The Series B brings the startup's total capital raised to $163 million. "This new round positions us to continue delivering, even in a tougher macro environment than similar companies faced five to ten years ago," Badhwar told TechCrunch. "We raised now because we're seeing strong momentum -- 30x annual recurring revenue growth since our Series A in 2023 -- and this lets us double down on delivering outcomes for our customers." Several months ago, Endor launched a tool designed to help organizations spot where AI models and services integrate with their codebase, and evaluate the integrations for security flaws. The idea is to provide better oversight as AI programming tools proliferate, said Badhwar. Endor says it now protects more than 5 million applications and runs over a million scans each week for customers including OpenAI, Rubrik, Peloton, Snowflake, Egnyte and Dropbox. "We came out of stealth in October 2022 -- right as interest rates spiked -- and we've seen strong traction ever since," Badhwar said. Ramin Sayar, venture partner at DFJ Growth, said his firm invested because Endor found itself at the right place, at the right time. "As generative AI transforms coding practices, developers are generating vast amounts of code without thorough visibility and control," Sayar told TechCrunch. "Endor Labs is not only setting a new standard in application security -- the team is creating a movement by launching their expanded platform." Endor currently has 133 employees concentrated in its offices in Palo Alto and Bangalore.

Endor Labs raises $93M to secure AI-generated code from vulnerabilities - SiliconANGLE

Endor Labs raises $93M to secure AI-generated code from vulnerabilities Code and application security startup Endor Labs Inc. today announced it has closed another big funding round, raising $93 million in a Series B funding led by DFJ Growth. New investor Salesforce Ventures and existing backers including Lightspeed Venture Partners, Coatue, Dell Technologies Capital, Section 32, and Citi Ventures also participated in the funding round. The funding brings the total raised by the company to $163 million, including a $70 million Series A round in 2023. Modern-day development lifecycles have gotten tighter and faster than ever before with software engineers helming large, complex codebases with endless moving parts and scenarios. To keep up with the evolving landscape of the coding environment, coders are adopting AI tools to augment their workflows and enhance their productivity. According to the 2024 DORA Report from Google Cloud, 75% of developers now use AI coding assistants like GitHub and Cursor. Endor Labs focuses on building a better application security platform that allows developers to catch security issues faster before they become problems. It focuses on building a complete understanding of a company's codebase so that a software team can pinpoint and fix critical issues and dive into the code supply chain - even if that code is written by AI tools. "This is the vibe coding era, where AI coding assistants generate large volumes of code with minimal developer oversight or review," Endor Labs said in a blog post. "Developers increasingly trust their AI assistants, often accepting suggestions with little modification. It's fast, efficient, and transformative -- but it's also risky." To do this, Endor said, it's launching a new platform architecture designed to tackle the challenges of AI-generated code based on how AI training tools and their underlying AI models operate. Problematically, AI coding tools tend to "hallucinate," or generate bad code. Oftentimes the code won't work at all, but sometimes when it does it is riddled with bugs or could contain a potential exploit. A recent article from cybersecurity firm Socket noted that open-source models hallucinated more frequently at 21.7% on average compared to commercial models at 5.2%. The company said the expansion of its application security platform is also powered by AI models and agents, which explore AI-generated code. Endor said it uses the industry's richest security datasets to identify risks, prioritize them, propose remediations and apply fixes automatically. By combining these purpose-built AI agents for application security teams with a deep understanding of company code and AI-aware reasoning capabilities, Endor said that it will be able to head off the biggest problems caused by AI-generated code. The newly launched capabilities will integrate directly with AI coding tools developers already use in the field such as GitHub Copilot and Cursor, the company said. This will embed security analysis directly into their workflows even before they merge new code into their codebases.

Endor Labs Raises $93M Series B to Secure the AI Code Revolution By Investing.com

New funding supports scaling secure software development"from open source to AI"while boosting developer velocity and raising the bar on customer experience PALO ALTO, Calif., April 23, 2025 /PRNewswire/ -- Endor Labs, the fastest-growing company in application security, today announced its oversubscribed $93 million Series B funding round led by DFJ Growth, with participation from Salesforce Ventures and existing backers including Lightspeed Venture Partners, Coatue, Dell Technologies Capital, Section 32, and Citi Ventures. Endor Labs has achieved 30x Annual Recurring Revenue (ARR) growth and 166% Net Revenue Retention (NRR) since its Series A just 18 months ago. The platform now protects more than 5 million applications and runs over 1 million scans each week for customers including OpenAI, Rubrik, People.ai, Observe.ai, Mysten Labs, and several global financial institutions. "Developers' increasing reliance on AI-generated code further complicates the challenge for security teams," said Ramin Sayar, Venture Partner, DFJ Growth. "Endor Labs embraces this shift with their unparalleled expertise in rethinking security from the ground up " and outing risky AI-generated code and uniquely optimizing remediation strategies." Today's Series B funding round will support the expansion of the Endor Labs' AppSec platform that uses this context to power a new generation of AI agents that operate inside the software development lifecycle"not just alerting, but acting. The company today also announced its major expansion of its AppSec platform"purpose-built for the era of AI-generated code and "vibe coding." Powered by agentic AI and the industry's richest security dataset, the platform doesn't just identify risks"it prioritizes them, proposes remediations, and can apply fixes automatically. The result: entire classes of threats are neutralized before they ever reach production. You can read more about it here. "We are building for the scale required to secure this AI era and not letting intermediate market volatility diverge us from our big goals. Our marquee customers need an application security platform that supports the pace of development they are confronting with AI. It is an honor to be that platform, to do a raise proactively, at a time like this, and to get to work with such quality investors, who share our commitment to excellence and innovation," said Varun Badhwar, co-founder and CEO of Endor Labs. The funding is a testament to Endor Labs' unique market position. It is built for a world where software is being written faster"and with less oversight"than ever before. With 62% of AI-generated solutions containing bugs or security vulnerabilities, and nearly 30% including critical weaknesses, traditional tools simply can't keep up. Endor Labs addresses this head-on with a unique combination of deep technical analysis and intelligent automation. For more information about the expanded AI platform, please visit: http://www.endorlabs.com/learn/meet-the-appsec-platform-built-for-the-ai-era Going to RSA Conference? Come meet us there! About Endor Labs Endor Labs is building the application security platform for the software development revolution. From open source to AI-generated code, it helps teams identify, prioritize, and fix the vulnerabilities that actually matter"faster. With deep program analysis, automated remediation, and unmatched dataset coverage, Endor Labs empowers modern engineering and security teams to move fast without compromise. DFJ Growth is a prominent investor in emerging technology leaders during their scaling phase of development. Founded in 2005, DFJ Growth partners with extraordinary, mission-driven entrepreneurs disrupting the status quo with game-changing innovations that become iconic companies. Our investments include Anaplan (NYSE: PLAN), Anduril, Box (NYSE: BOX), Cellares, Coinbase (NASDAQ: COIN), Commonwealth Fusion Systems, Neuralink, Patreon, Ring (Amazon), ScaleAI, SolarCity (Tesla), SpaceX, Stripe, Tesla (NASDAQ: TSLA), Twitter, Unity (NYSE: U), and xAI. DFJ Growth is a fearless investor and steadfast partner to founders who imagine the future and execute on their bold visions to define it.