Endor Labs Enhances AURI: Next-Gen Security for AI Coding Agents
Endor Labs Enhances AURI: Next-Gen Security for AI Coding Agents
In the evolving landscape of software development, Endor Labs has made a significant leap forward with its agentic application security platform, AURI. As organizations increasingly rely on AI coding agents to expedite development processes, the need for robust security measures has never been more critical. On May 12, 2026, the company revealed two new capabilities: Agent Governance and Package Firewall.
Understanding the New Capabilities
Agent Governance is designed to offer security teams real-time visibility into the actions of AI coding agents. This means that IT security can monitor exactly what these agents are integrating, running, and producing. By ensuring that teams have a comprehensive grasp of an agent's behavior, organizations can enforce policies and assess risks more effectively.
Complementing this is the Package Firewall, a proactive measure that blocks malicious packages before they infiltrate developer workstations. This feature addresses a significant threat faced by modern development environments—the unchecked inclusion of risky external dependencies that can lead to vulnerabilities.
Both capabilities are essential in light of emerging threats. Recent findings from Endor Labs indicate a staggering 14 times increase in malware advisories within open-source ecosystems over the past two years. Alarmingly, 92% of npm maintainer account takeovers occurred in 2025, highlighting the vibrant threat landscape. The increase in supply chain attacks targeting not only application code but also the underlying infrastructure that supports it means that security teams must now defend against threats beyond mere application layers.
The Rising Threat of AI Coding Agents
Endor Labs’ CEO and Founder, Varun Badhwar, emphasized that AI coding agents now possess access comparable to the most trusted engineers, yet many organizations lack insight into these agents' actual activities. This presents a blind spot for security and engineering teams, with nearly 70% of CISOs expressing concerns about limited visibility regarding AI utilization within their environments. As enterprises accelerate their coding processes with AI tools, understanding how these agents operate becomes paramount for safeguarding sensitive data and systems.
Brian McCarthy, President of Global Revenue and Field Operations at Cursor, noted that engineering and security leaders aren't questioning whether to adopt agentic coding; instead, they are focused on how to implement it securely at scale. Through investments in security controls and partnerships—as with Endor Labs—enterprises can ensure that developers maintain high velocity while adhering to necessary security measures.
Key Features of AURI
The introduction of AURI marks a pivotal moment in securing agentic development environments. This security harness features a patented code context graph that builds a thorough model of your architecture, services, code, and open-source dependencies. In doing so, AURI equips teams with the capability to understand code behavior and tailor security measures according to specific application contexts.
Features of Agent Governance:
- - Inventory tracking of AI agents and tools across different environments.
- - Monitoring usage of Model Context Protocol (MCP) servers to understand agent behavior and associated risks.
- - Real-time detection and blocking of harmful actions such as unauthorized prompts or commands.
Features of Package Firewall:
- - Immediate scanning of open-source packages from npm, PyPI, NuGet, and Maven to catch potentially harmful code before incorporation.
- - Enforcement of security policies related to vulnerabilities and licensing to safeguard developers.
- - Implementation of cooldown periods to mitigate risks from recently published malicious packages.
Conclusion
As reliance on AI coding agents keeps growing, so too does the necessity for advanced protective measures within development environments. Endor Labs’ new features for AURI, specifically Agent Governance and Package Firewall, empower organizations to manage the complexities of AI integration without compromising on security. This ensures that engineers can work efficiently while maintaining the robust protection needed against an ever-evolving threat landscape.
For those interested in learning more about Endor Labs, the enhanced capabilities of AURI, or how they can secure their development pipelines, additional information can be found on Endor Labs' official website.
Topics General Business)
【About Using Articles】
You can freely use the title and article content by linking to the page where the article is posted.
※ Images cannot be used.
【About Links】
Links are free to use.