Endor Labs came out of stealth on Monday and launched its Dependency Lifecycle Management Platform, designed to ensure end-to-end security for open source software (OSS). The software addresses three key things—helping engineers select better dependencies, helping organizations optimize their engineering, and helping them reduce vulnerability noise.
The platform scans the source code and offers feedback to developers and security teams on what is potentially good and bad about the libraries. Based on this, developers can make better decisions on which dependencies or libraries to use, where to use them, and who should use them.