Endor Labs, a leader in software supply chain security, has announced a strategic investment from Citi Ventures. This investment further validates Endor Labs’ unique approach to securing the software supply chain, following a $70M oversubscribed Series A financing round less than a year ago from Lightspeed Venture Partners (LSVP), Coatue, Dell Technologies Capital, Section 32, and more than 30 industry-leading CEOs, CISOs, and CTOs.
Endor Labs was founded in 2022 by industry veterans and serial entrepreneurs Varun Badhwar and Dimitri Stiliadis to address a significant yet largely overlooked market need in application security. Development teams increasingly rely on dependencies such as Open Source Software (OSS), LLMs, containers, code repositories, and CI/CD pipeline tools to ship products faster. These dependencies can introduce risks that development and security teams lack visibility into.
Currently, application security teams spend countless hours prioritizing risks while developers are overwhelmed with uncontextualized security alerts. Endor Labs identifies meaningful, reachable risks across dependencies in the software development lifecycle, providing teams with the evidence needed to address only the most critical issues.
Since its inception, Endor Labs has quickly gained traction with Fortune 500 enterprises and emerging cloud-native companies. The company was named a finalist at the 2023 RSA Conference Innovation Sandbox and 2023 Black Hat Startup Spotlight, a SINET16 Innovator Award Winner, and has been recognized multiple times as one of the Best Places to Work.
“Financial institutions employ tens of thousands of developers and often outpace technology companies in innovation and shipping new applications,” said Varun Badhwar, CEO and co-founder of Endor Labs. “Software supply chain security is now a board-level concern for these organizations because neglecting it or getting it wrong not only exposes the organization to significant risk but also costs hundreds of millions in lost developer productivity. Endor Labs already serves some of the largest financial institutions in the US, and our work with Citi gives us even better insights into solving problems at this scale.”
Citi Ventures, with a presence in regions from Palo Alto to Singapore and Tel Aviv, invests in category-defining startups revolutionizing financial services.
“Citi runs one of the largest software development organizations in the world,” said Clark Smith, Head of Engineering and Architecture for CISO & Managing Director at Citi. “At this scale, lost productivity due to false positive alerts is a compounding issue. Endor Labs integrates seamlessly into the developer workflow and helps pinpoint supply chain risks that may affect our business.”
“Endor Labs represents the next major innovation in application security,” said Matt Carbonara, Head of Enterprise Tech Investing at Citi Ventures. “Their platform represents a technological step change in how vulnerabilities are analyzed. For a long time, developers have had to manually analyze vulnerabilities to assess if they are exercised in production. We believe that the reachability analysis provided by Endor Labs will be a must-have technology for enterprises, focusing developers’ efforts on only the most critical and reachable vulnerabilities and saving them countless hours. We’re extremely excited to become investors and partner with Varun and the team.”
