Endor Labs, a leading application security startup that has secured over $208 million in venture funding, has unveiled AURI, a groundbreaking platform that incorporates real-time security intelligence directly into AI coding tools. This innovative product is now accessible to individual developers at no cost and seamlessly integrates with popular AI coding assistants such as Cursor, Claude, and Augment through the Model Context Protocol (MCP).
The launch of AURI comes at a critical juncture, highlighted by recent research revealing that while AI coding assistants are increasingly prevalent in development teams, they only generate functionally correct code approximately 61% of the time, with a mere 10% of that output being both functional and secure. According to Endor Labs CEO Varun Badhwar, this disparity between functional and secure code underscores the necessity for AURI and underscores the urgency behind its release.
The core issue driving the development of AURI lies in the structure of AI-assisted software development. AI coding models are trained on vast repositories of open-source code sourced from the internet, encompassing best practices as well as documented vulnerabilities, insecure patterns, and flaws that may remain undetected for extended periods. Recognizing this challenge, Badhwar, along with Dimitri Stiliadis, co-founded Endor Labs four years ago to address the evolving landscape of software development influenced by AI.
AURI sets itself apart with its distinctive “code context graph,” providing a comprehensive, function-level mapping of an application’s first-party code, open-source dependencies, container layers, and AI models. Unlike competitors like Snyk and GitHub’s Dependabot, AURI delves into the precise utilization of code components, down to individual lines, offering a nuanced analysis that enhances security assessments.
Moreover, AURI’s approach combines LLMs for reasoning and contextualization with deterministic tools to ensure consistent security findings. By automating vulnerability detection, triage, and remediation, the platform substantially reduces security findings for enterprise clients, eliminating millions of dollars in lost developer productivity attributed to investigating false positives.
Endor Labs offers a free tier of AURI for individual developers, while the enterprise version caters to larger organizations with enhanced customization, policy configuration, and integration capabilities across CI/CD pipelines. The platform’s deployment options encompass local scanning, ephemeral cloud containers, and on-premises Kubernetes clusters, underscoring Endor Labs’ commitment to flexibility and security.
As Endor Labs continues to advance its mission of bolstering application security, AURI has already demonstrated its efficacy in identifying zero-day vulnerabilities and actively detecting malware campaigns in ecosystems like NPM. The company’s robust financial backing and exponential growth underscore its position as a trailblazer in the security landscape, safeguarding over 5 million applications for prominent clients such as OpenAI, Dropbox, and Atlassian.
In navigating the evolving terrain of AI-driven development, AURI represents a pivotal step towards bridging the gap between functionality and security. By empowering developers with the tools and intelligence needed to fortify their code, Endor Labs is poised to reshape the future of application security and ensure that security keeps pace with the rapid advancements in autonomous software agents.
