Endor Labs launches AURI security intelligence

Endor Labs launched AURI, a unified security intelligence platform intended to insert security checks into agentic software development so teams could move fast without compromising safety.

The company positioned the release against a shift toward Artificial Intelligence (AI) agents in development, noting that 90% of teams used AI coding assistants while only 61% of code was functionally correct and just 10% was both functionally correct and secure; AURI was presented as a response to those gaps.

The platform combined agentic reasoning with deterministic static analysis to assess code generated by autonomous agents, performing deep code reasoning, full-stack reachability analysis, and agentic remediation by linking signals from first-party code, open-source dependencies, container images, and AI models into a single view.

Endor Labs offered a free developer tier of its Model Context Protocol (MCP) server so AI coding assistants and autonomous agents could access AURI's security intelligence inside developer workflows, and it provided Skills, MCP, and command-line integrations for installation in Integrated Development Environments (IDEs) including Cursor, VS Code, and VSCode, with the option to extend across Continuous Integration and Continuous Deployment (CI/CD) pipelines and workflows.

“Every AI coding agent faces the same blind spot: it can generate code, but it can't see your full application context — how your code, dependencies, containers, and services actually connect,” said Varun Badhwar, CEO and co-founder of Endor Labs. “The application security market is undergoing a structural shift in how controls are implemented, embedding them directly into code generation, review, and maintenance workflows rather than relying primarily on post-development scanning,” said Katie Norton, research manager for DevSecOps and Software Supply Chain Security at IDC. “Over 97% of vulnerabilities flagged by our previous tool weren't reachable in our application,” said Travis McPeak, Security at Cursor.

The company said organizations could extend AURI across CI/CD pipelines and workflows.