Endor Labs has recently launched DroidGPT, an extension of their software designed to assess any potential risks within open source code. With this extension, developers can easily find the most secure versions of the open source packages they need. Integrating ChatGPT artificial intelligence platform, they can send out a query written in natural language asking DroidGPT to locate the safest logging modules of their Java applications.
Varun Badhwar, Endor Labs CEO, stated the main goal of this launch is to make the processing of open source packages for application development much simpler and more secure. By downloading older versions of the packages, developers are putting their applications at risk of vulnerabilities that have not been remedied.
Endor Labs’ Dependency Lifecycle Management platform can pinpoint exactly the depth of dependencies that have occurred between application and the third-party components. In addition, the DroidGPT will help in determining which components have the most secure version and apply guardrails for any application development processes.
Recent statistics have shown a significant rise in the use of open source software for application assembly. Research done by Endor Labs found that ninety-five percent of application vulnerabilities are due to a transitive dependency formed when the developer downloads components from an open source platform.
The threat of potential cyber-attacks being hidden through these vulnerabilities has become a major concern. Recognizing this, organizations are beginning to focus more heavily on securing their software supplies. Moreover, due to a lack of cybersecurity knowledge many of these applications wind up being neglected.
To address this, Endor Labs’ droidGPT serves to make it easier to identify and update vulnerable components within applications while they are built or after they are deployed. Being aware of the functional dependency that is created when a third-party component is downloaded is also necessary for assessing the risks.
After this, businesses can use accurate software bills of materials (SBOMs) to generate and analyze the dependencies in dynamic updates to an application. This is a major step towards improving security and advocating users to become more familiar with DevSecOps approaches for building secure applications.
Endor Labs is an international management-tech firm, founded in 2018 and based in Tel Aviv & California, that specializes in AI-driven platform solutions within the enterprise world. Their aim is to revolutionize the way organizations deliver and use predictive insights. They have been working on solutions to provide potential solutions in a range of areas, from marketing campaigns to cybersecurity.
Mr Varun Badhwar is the founder and CEO of Endor Labs. An Indian-Israeli technology exec, he previously worked as a CEO of a SaaS company, led venture capital-backed startups, and was CTO of a publicly traded tech services company. He holds 14 US technology patents. Varun is an adjunct professor at Carnegie Mellon’s Heinz College and is a Harvard Innovation Lab Mentor.
