Endor Labs Collaborates with Microsoft Defender for Cloud
November 25, 2024

Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).

This integration further empowers organizations to consolidate their application security and cloud security programs into a single platform, securing cloud workloads and code seamlessly in one place. Customers can now deploy SCA and CNAPP solutions from a unified dashboard, achieving comprehensive security coverage from code to runtime. 

With the native integration, teams can correlate SCA findings with runtime alerts to view code-to-runtime attack paths. This means security teams can now trace exploitable vulnerabilities found in open-source software (OSS) dependencies directly to potential exploit paths in their cloud environments. By connecting the dots between application code and cloud infrastructure, teams can prioritize remediation efforts more effectively, reducing risk across the entire software development lifecycle. Code-to-runtime context also reveals toxic combinations of security issues, for example, a reachable vulnerability in an open-source package that is used on an internet reachable cloud workload. The native integration allows Defender for Cloud users to see a full attack path, from code committed (e.g. in Microsoft Azure DevOps, GitHub, or GitLab) to runtime workloads deployed on Azure, AWS, or Google Cloud Platform.

Currently in Public Preview, the Endor Labs integration with Microsoft Defender for Cloud brings function-level reachability analysis directly into the Defender for Cloud console. This addresses a critical challenge in application security: although only 9.5% of vulnerabilities are exploitable within a given application context, teams often lack the means to identify which ones are truly critical. Without proper context, they face the dilemma of conducting time-consuming manual research or attempting to fix all vulnerabilities, neither of which is sustainable nor efficient. With vulnerability findings often numbering in the hundreds or thousands, strategy supports business requirements or compliance SLAs (such as FedRAMP).  

Endor Labs provides a natively integrated software as a service (SaaS) solution for reachability-based SCA. With the Defender for Cloud integration, deploying and configuring SCA becomes a streamlined process. Once deployed, Security engineers receive function-level reachability analysis for each vulnerability finding, whether discovered at build or in production, and can see where function-level reachable vulnerabilities are part of running applications. A "reachable" finding indicates an attack path exists from the developer's code through OSS dependencies to a vulnerable library or function. With this insight, security engineers can identify genuine threats and prioritize remediation based on the exploit's probability and severity.  

By unifying SCA findings and cloud security findings, and providing new methods of prioritization, the collaboration consolidates tools and reduces noise. Application and Cloud Security teams are now able to achieve end-to-end protection without the productivity tax of implementing, maintaining, and using multiple platforms.

Share this

Industry News

December 03, 2024

SmartBear announced its acquisition of QMetry, provider of an AI-enabled digital quality platform designed to scale software quality.

December 03, 2024

Red Hat signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS) to scale availability of Red Hat open source solutions in AWS Marketplace, building upon the two companies’ long-standing relationship.

December 03, 2024

CloudZero announced the launch of CloudZero Intelligence — an AI system powering CloudZero Advisor, a free, publicly available tool that uses conversational AI to help businesses accurately predict and optimize the cost of cloud infrastructure.

December 03, 2024

Opsera has been accepted into the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, a co-sell program for AWS Partners that provides software solutions that run on or integrate with AWS.

December 02, 2024

Spectro Cloud is a launch partner for the new Amazon EKS Hybrid Nodes feature debuting at AWS re:Invent 2024.

December 02, 2024

Couchbase unveiled Capella AI Services to help enterprises address the growing data challenges of AI development and deployment and streamline how they build secure agentic AI applications at scale.

December 02, 2024

Veracode announced innovations to help developers build secure-by-design software, and security teams reduce risk across their code-to-cloud ecosystem.

December 02, 2024

Traefik Labs unveiled the Traefik AI Gateway, a centralized cloud-native egress gateway for managing and securing internal applications with external AI services like Large Language Models (LLMs).

December 02, 2024

Generally available to all customers today, Sumo Logic Mo Copilot, an AI Copilot for DevSecOps, will empower the entire team and drastically reduce response times for critical applications.

December 02, 2024

iTMethods announced a strategic partnership with CircleCI, a continuous integration and delivery (CI/CD) platform. Together, they will deliver a seamless, end-to-end solution for optimizing software development and delivery processes.

November 26, 2024

Check Point® Software Technologies Ltd. has been recognized as a Leader and Fast Mover in the latest GigaOm Radar Report for Cloud-Native Application Protection Platforms (CNAPPs).

November 26, 2024

Spectro Cloud, provider of the award-winning Palette Edge™ Kubernetes management platform, announced a new integrated edge in a box solution featuring the Hewlett Packard Enterprise (HPE) ProLiant DL145 Gen11 server to help organizations deploy, secure, and manage demanding applications for diverse edge locations.

November 26, 2024

Red Hat announced the availability of Red Hat JBoss Enterprise Application Platform (JBoss EAP) 8 on Microsoft Azure.

November 26, 2024

Launchable by CloudBees is now available on AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).