News Froggy
newsfroggy
HomeTechReviewProgrammingGamesHow ToAboutContacts
newsfroggy

Your daily source for the latest technology news, startup insights, and innovation trends.

More

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

Categories

  • Tech
  • Review
  • Programming
  • Games
  • How To

© 2026 News Froggy. All rights reserved.

TwitterFacebook
Tech

Endor Labs Launches AURI Free, Citing 10% Secure AI-Generated Code

Endor Labs, the application security startup backed by over $208 million in venture funding, today launched AURI, a new platform designed to embed real-time security intelligence directly into AI coding tools. This

PublishedMarch 4, 2026
Reading Time4 min
Endor Labs Launches AURI Free, Citing 10% Secure AI-Generated Code

Endor Labs, the application security startup backed by over $208 million in venture funding, today launched AURI, a new platform designed to embed real-time security intelligence directly into AI coding tools. This release comes as new research indicates a significant security gap: only 10% of AI-generated code is found to be both functional and secure.

AURI is immediately available free for individual developers, integrating natively with popular AI coding assistants like Cursor, Claude, and Augment through the Model Context Protocol (MCP). The company aims to address a critical challenge arising from the widespread adoption of AI in software development, where 90% of teams now leverage these tools.

The Urgent Need for Secure AI-Generated Code

The launch highlights a growing concern within the developer community. While AI coding models accelerate productivity, they are often trained on vast repositories of open-source code that include not only best practices but also known vulnerabilities and insecure patterns. Varun Badhwar, CEO of Endor Labs, explained that models, despite learning best practices, tend to replicate past security issues.

Traditional security scanning tools, designed for human-paced coding, struggle to keep up with the speed and volume of AI-generated code. This creates a feedback loop where AI tools rapidly produce code, much of it potentially insecure, overwhelming security teams and increasing the risk of new vulnerabilities.

AURI's Innovative Code Context Graph

Endor Labs distinguishes AURI through its "code context graph," a deep, function-level map tracing how an application's first-party code, open-source dependencies, container layers, and AI models interconnect. Unlike competitors that merely check imported libraries against vulnerability databases, AURI pinpoints the exact usage and context of components, identifying precise lines of code with vulnerabilities.

This approach, developed by a team including 13 PhDs specializing in program analysis, drastically reduces false positives. Badhwar cites an example where an application might only use 10 lines from a 100,000-line AWS SDK; AURI's full-stack reachability analysis ignores vulnerabilities in the 99,990 unused lines. This leads to an average 80% to 95% reduction in security findings for enterprise customers, saving significant developer productivity.

Freemium Strategy for Broad Adoption

To drive rapid adoption, AURI's core functionality is offered free to individual developers through an MCP server that integrates with IDEs like VS Code and Cursor. This free tier requires no sign-up or credit card and crucially, runs entirely on the developer's machine, ensuring code privacy by keeping all scanning local.

The enterprise version expands on this with features essential for large organizations, including full customization, policy configuration, role-based access control, and integration across CI/CD pipelines. This freemium model mirrors successful strategies from companies like GitHub and Atlassian, aiming to embed AURI where code is being written.

Championing Independent Security Review

Badhwar emphasizes the importance of independence in security review, particularly as AI model providers begin offering their own security tools. He argues that relying on the same tool to generate and review code poses a conflict of interest, advocating for separate, deterministic, and verifiable security solutions.

Endor Labs combines the reasoning capabilities of LLMs with deterministic tools, ensuring consistency and verifiability of findings. Beyond detection, AURI simulates upgrade paths and recommends remediation routes that avoid breaking changes, which can then be confidently executed by developers or AI agents.

Real-World Impact and Future Outlook

AURI has already demonstrated its effectiveness, notably identifying seven zero-day vulnerabilities in the popular agentic AI assistant OpenClaw in February 2026, six of which were subsequently patched. The company also actively tracks malware campaigns in ecosystems like NPM.

Well-capitalized with a $93 million Series B round closed in April 2025, Endor Labs serves major clients including OpenAI, Dropbox, Atlassian, Snowflake, and Robinhood. Its platform protects over 5 million applications and performs more than 1 million scans weekly, supporting compliance with frameworks like FedRAMP, NIST, and the European Cyber Resilience Act.

Badhwar remains optimistic about security tooling evolving alongside AI-driven development, drawing parallels to the industry's adaptation to cloud computing. He believes AI agents, given the right context, can solve long-standing security challenges by prioritizing fixes without human intervention.

FAQ

Q: What is AURI by Endor Labs? A: AURI is a free tool launched by Endor Labs that integrates directly into AI coding assistants to provide real-time security intelligence, helping developers identify and fix vulnerabilities in AI-generated code early in the development process.

Q: How does AURI differ from other application security tools? A: AURI utilizes a unique "code context graph" to perform full-stack reachability analysis. Instead of just flagging all known vulnerabilities in imported libraries, it traces exactly how and where components are used, reducing false positives by focusing on truly reachable and exploitable flaws.

Q: Is the free version of AURI secure and private for individual developers? A: Yes, the free version of AURI is designed with privacy in mind. It runs entirely on the developer's local machine, meaning all code scanning and analysis occurs locally, and no proprietary code is copied to Endor Labs' servers.

#industry#VentureBeat#Technology#Security#endor#labsMore

Related articles

Uber’s Robotaxi Lobbying Effort Pits It Against Waymo in DC Battle
Tech
TechCrunchJul 13

Uber’s Robotaxi Lobbying Effort Pits It Against Waymo in DC Battle

Uber and Waymo are clashing over a proposed D.C. robotaxi bill, with Uber pushing for a hybrid model that includes human drivers on ride-hailing platforms, while Waymo backs direct driverless deployment. This lobbying battle highlights fundamentally different visions for the future of autonomous transportation and could set a national precedent.

Augmodo Secures $21M to Propel Spatial AI Beyond Retail to Physical
Tech
GeekWireJul 13

Augmodo Secures $21M to Propel Spatial AI Beyond Retail to Physical

Seattle-based startup Augmodo has successfully closed a $21 million funding round, boosting its valuation to $350 million. This significant investment is set to accelerate the company’s expansion of its spatial AI

A Leak of San Francisco Police Drone Footage Exposes Urban
Tech
WiredJul 13

A Leak of San Francisco Police Drone Footage Exposes Urban

Hours of SFPD drone footage from a Skydio platform have leaked, revealing extensive aerial surveillance over San Francisco. This exposure highlights how broadly police are monitoring the city and the critical risks of sensitive data spilling online, raising significant privacy and security concerns.

NHTSA Issues Robotaxi Ultimatum Over Emergency Interference
Tech
TechCrunchJul 13

NHTSA Issues Robotaxi Ultimatum Over Emergency Interference

NHTSA has issued a stark warning to autonomous vehicle developers, demanding immediate solutions to prevent interference with first responders. This federal directive follows recent high-profile incidents involving Waymo robotaxis in San Francisco and escalating tensions between major industry players like Uber and Waymo. The ultimatum marks a critical juncture for the burgeoning robotaxi sector.

DeepSeek's 75% Price Cut: A Glimmer of Hope Dimmed by '100x Problem
Tech
VentureBeatJul 13

DeepSeek's 75% Price Cut: A Glimmer of Hope Dimmed by '100x Problem

DeepSeek's recent 75% price reduction for its V4-Pro model, a move that should have been unequivocally celebrated by the enterprise AI sector, is instead revealing a critical flaw in the economic model of AI agent

regional: Etzioni on AI: Who disagrees with you about AI? Here’s what
Tech
GeekWireJul 13

regional: Etzioni on AI: Who disagrees with you about AI? Here’s what

Oren Etzioni's latest analysis reveals stark divisions in AI perception across countries, genders, ages, professions, and political affiliations. Trust in AI is highest in growing economies and among developers, while caution or fear dominates in mature economies and among those threatened by job displacement.

Back to Newsroom

Stay ahead of the curve

Get the latest technology insights delivered to your inbox every morning.