Deal accelerates Endor Labs’ expansion into container reachability analysis
Endor Labs, the leader in AI-native application security, today announced the acquisition of Autonomous Plane, a cloud-native application security company founded by Kyle Quest, creator of DockerSlim. The acquisition expands Endor Labs’ AI-native application security platform to deliver full-stack reachability across applications and container images, helping organizations dramatically improve vulnerability prioritization and secure modern, AI-generated software.
AI coding agents are fundamentally changing how software gets built, increasingly generating complete software artifacts across code, open-source dependencies, and container images. This shift creates security blind spots as traditional point-in-time scanning misses the interconnected nature of AI-generated applications. Enabled by technology developed by Kyle Quest, who joined Endor Labs through the acquisition, full-stack reachability combines source code analysis with dynamic and static container analysis to model applications end-to-end, tracing vulnerability impact from application code through language runtimes and OS components.
By coupling static dependency graph analysis with automatic runtime profiling, full-stack reachability identifies which vulnerabilities are actually exploitable, filtering out up to 90% of false positives reported by traditional scanners. Unlike competitors that offer reachability for application code only, Endor Labs delivers the industry’s first full-stack approach, analyzing SCA findings and container image vulnerabilities together.
“Container scanning has been stuck in inventory mode, telling teams what’s installed rather than what matters,” said Varun Badhwar, CEO and co-founder of Endor Labs. “Security tools have to evolve beyond scanning components in isolation. With this acquisition and the launch of full-stack reachability, we’re delivering evidence-based visibility across the entire stack so teams can focus on real risk, reduce operational noise, and make compliance achievable.”
The evidence-based approach also proves particularly valuable for regulated industries. Standards like FedRAMP mandate strict remediation timelines for vulnerabilities, but container bloat means base images contain hundreds of general-purpose libraries that most applications never use. Without reachability analysis, teams waste engineering resources fixing vulnerabilities in unused code or risk compliance penalties by missing critical issues buried in noise.
“Traditional container scanners report every CVE in an image, forcing teams to sift through hundreds of findings manually,” said Quest. “Full-stack reachability uses information from the application layer to understand which container image packages are loaded, identifying which packages and vulnerabilities are reachable in running applications. For regulated industries, this evidence-based approach ensures teams can focus on real risk without getting lost in noise.”
Full-stack reachability for container images is available immediately to Endor Labs customers as part of the company’s expanding AI-native application security platform. To learn more, visit www.endorlabs.com.