AI-generated code is no doubt changing how software is built, but it’s also introducing new security challenges. More than 50% of organizations encounter security issues with AI-produced code sometimes or frequently, according to a late 2023 survey by developer security platform Synk.
For Endor Labs, that opportunity proved alluring enough that it chose to change course somewhat. Endor started off helping companies secure their open-source package dependencies — in fact, it even raised a $70 million Series A round just two years ago to grow its developer pipeline governance service.
But the startup’s co-founders Varun Badhwar and Dimitri Stiliadis saw growing demand elsewhere — spotting and combating vulnerabilities in the growing masses of code that engineers use AI to generate and fine-tune.
Today, Endor runs a platform that, it claims, can not only review code and identify risks, but also recommend “precise” fixes and apply them automatically. The company offers a plugin for AI-powered programming tools like Cursor and GitHub Copilot that scans code as it’s written and flags issues.
The pivot could prove to be a wise choice. On Wednesday, Endor announced that it closed a $93 million Series B round led by DFJ Growth, with participation from Salesforce Ventures, Lightspeed Venture Partners, Coatue, Dell Technologies Capital, Section 32, and Citi Ventures.
Badhwar (CEO) said that the round values Endor at “orders of magnitude higher” than its Series A valuation. The proceeds will be used to expand Endor’s platform, he added. The Series B brings the startup’s total capital raised to $163 million.
“This new round positions us to continue delivering, even in a tougher macro environment than similar companies faced five to ten years ago,” Badhwar told TechCrunch. “We raised now because we’re seeing strong momentum — 30x annual recurring revenue growth since our Series A in 2023 — and this lets us double down on delivering outcomes for our customers.”
Several months ago, Endor launched a tool designed to help organizations spot where AI models and services integrate with their codebase, and evaluate the integrations for security flaws. The idea is to provide better oversight as AI programming tools proliferate, said Badhwar.
Endor says it now protects more than 5 million applications and runs over a million scans each week for customers including OpenAI, Rubrik, Peloton, Snowflake, Egnyte and Dropbox.
“We came out of stealth in October 2022 — right as interest rates spiked — and we’ve seen strong traction ever since,” Badhwar said.
Ramin Sayar, venture partner at DFJ Growth, said his firm invested because Endor found itself at the right place, at the right time.
“As generative AI transforms coding practices, developers are generating vast amounts of code without thorough visibility and control,” Sayar told TechCrunch. “Endor Labs is not only setting a new standard in application security — the team is creating a movement by launching their expanded platform.”
Endor currently has 133 employees concentrated in its offices in Palo Alto and Bangalore.
