Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure

· Source: VentureBeat · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Advanced, long

Summary

Endor Labs, an application security startup with over $208 million in venture funding, has launched AURI, a free platform designed to embed real-time security intelligence directly into AI coding tools. This release addresses a critical gap: while 90% of development teams use AI coding assistants, research indicates only 10% of AI-generated code is both functional and secure. AURI integrates with popular AI coding assistants like Cursor, Claude, and Augment via the Model Context Protocol (MCP). The platform's core differentiator is its "code context graph," which maps application components at a function level, performing full-stack reachability analysis to identify and prioritize actual vulnerabilities, reducing false positives by 80% to 95%. Endor Labs offers a free tier for individual developers that runs locally and an enterprise version with advanced features and flexible deployment options.

Key takeaway

For CTOs and VPs of Engineering evaluating AI coding assistant adoption, recognize that while these tools boost productivity, they introduce significant security risks. Your teams should implement independent, deterministic security solutions like AURI to validate AI-generated code, ensuring vulnerabilities are identified and remediated before deployment. This approach mitigates the risk of inheriting insecure patterns and reduces developer time lost to false positives.

Key insights

AI-generated code often lacks security, necessitating specialized tools for vulnerability detection and remediation.

Principles

Method

AURI uses a "code context graph" for deep, function-level mapping of code and dependencies, applying full-stack reachability analysis to pinpoint and prioritize actual vulnerabilities.

In practice

Topics

Best for: CTO, VP of Engineering/Data, Director of AI/ML, Software Engineer, AI Security Engineer, MLOps Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by VentureBeat.