Endor Labs, creators of the Dependency Lifecycle Management platform helping development and security teams maximize the use of open source software (OSS), announced a 100% commitment to the channel and launched Endor Labs Hyperdrive, a global partner program designed to create powerful technology combinations for supply chain security, dependency selection and lifecycle management. In an environment where the software dependency lifecycle is a vital factor in technology development, Endor Labs Hyperdrive sets a new standard in inter-company collaboration to protect entire software inventories and turbo-charge application development.
“Open source software gives organizations a huge boost in development velocity, and that’s why more than 80% of the code in modern applications is repurposed from existing OSS resources,” said Andrew Davidson, VP of Business Development and Alliances at Endor Labs. “However, software of this caliber needs security to match, and so far, that’s been missing. Our own research reveals that 95% of vulnerabilities can be found in ‘transitive’ dependencies, code pulled into new projects without the developers’ approval or even knowledge. Endor Labs Hyperdrive offers a new channel through which to strengthen security for the software supply chain, and we’re honored to bring it to market.”
“Security has generally lagged behind in the understanding and management of open source software risks,” said Maxim Kovalsky, Managing Director and head of Software Supply Chain Security services at Grant Thornton LLP. “This is not entirely surprising given that it is a fairly recent attack vector for cyber threat actors seeking to scale their operations. Our dependency risk solutions, powered by Endor Labs Hyperdrive, enhance our ability to help clients better leverage the undeniable value of open-source software while managing its risks, and this initiative fuels a truly collaborative effort to gain full visibility of the software dependency graph. This is the best way to maximize productivity by reducing vulnerabilities in the software being used.”
Inaugural partners include CleverBits, Fortifire, Grant Thornton, Intuitive Cloud, TachTech, Tevora and Zinfinity. By featuring Endor Labs technology in their solution sets, companies participating in the Hyperdrive program gain a powerful competitive advantage. The capabilities are designed to earn the trust of risk-conscious executives and organizations concerned with compliance, accountability and control.
By contrast, most available solutions come up short. For example, Software Composition Analysis (SCA) tools lack context on how the dependencies are being used and drown developers in endless false positives. Some options are unable to detect malicious dependencies or prioritize remediation, and can’t contribute to OSS selection. Finally, the typical SBOM (Software Bill of Materials), once touted as the ideal option for true transparency, is incomplete and doesn’t list all components being used.
With the Endor Labs platform, the entire OSS lifecycle can be seamlessly managed, all the way from dependency selection through remediation and management. Companies get to select better dependencies, then manage and update them optimally, and gain enhanced visibility through the dependency graph. There is also vulnerability detection based on known and unknown indicators of risk, along with prioritization and remediation. The technology helps create comprehensive SBOMs and eases compliance management.
These are major advantages in a market where:
- The average enterprise has more than 40,000 open-source dependencies directly downloaded by developers.
- Each of these dependencies can bring in, on average, 77 other ‘transitive’ dependencies, creating a massive and uncontrollable sprawl that slows development, even as it increases the attack surface across multiple dimensions.
The Endor Labs technology accelerates the POC and selection process for prospective clients of partners in the Hyperdrive program, eliminating the need for complex configurations or architecture reviews. Hyperdrive partners will receive the full complement of expert presales support, solution deployment, and ongoing customer success. Hyperdrive partners directly benefit from unlocking new services revenue streams from advising, building and running OSS lifecycle programs. Endor Labs understands the immense value of ecosystem partners and is committed to a channel-first go-to-market strategy. Hyperdrive is available to partners in North America, South America, Europe, the Middle East and Africa (EMEA) and Asia-Pacific (APAC).
About Endor Labs
Endor Labs is led by CEO Varun Badhwar, a 3X founder and category builder, and built by proven builders from companies like Palo Alto Networks, RedLock, Microsoft, Sonatype, Meta, Amazon, Uber and more. The company is funded by Lightspeed Venture Partners, Dell Technologies Capital, and Sierra Ventures, and has already won the confidence, investment and endorsement of 40+ industry-leading Silicon Valley CISOs and business leaders.