Endor Labs Acquires Security Company Autonomous Plane

By Amit Chowdhry • Yesterday at 11:36 PM

Endor Labs announced it has acquired Autonomous Plane, a cloud-native application security company founded by Kyle Quest, creator of DockerSlim, in a deal that will accelerate its expansion into container reachability analysis.

The acquisition is intended to expand Endor Labs’ AI-native application security platform to provide what it calls full-stack reachability across both application code and container images. Endor Labs said the approach is designed to help organizations prioritize vulnerabilities more effectively by modeling applications end-to-end, tracing potential vulnerability impact from source code through language runtimes and operating system components.

Endor Labs positioned the move as a response to the growing role of AI coding agents, which it said are increasingly generating complete software artifacts that span code, open-source dependencies, and container images. According to the company, this creates security blind spots because traditional point-in-time scanning can miss how components interact across the stack.

The company said its full-stack reachability capability combines source code analysis with dynamic and static container analysis, and pairs static dependency graph analysis with automatic runtime profiling to determine which vulnerabilities are actually exploitable. Endor Labs said this evidence-based method can filter out up to 90% of false positives reported by traditional scanners. It said the method differs from tools that offer reachability for application code only, because it analyzes software composition analysis findings and container image vulnerabilities together.

Endor Labs also said the capability is especially relevant for regulated industries, citing requirements such as FedRAMP remediation timelines and the challenge of “container bloat,” where base images include large numbers of libraries that many applications do not use. The company said reachability analysis can reduce time spent remediating vulnerabilities in unused code while helping teams focus on higher-priority issues that may be buried in high volumes of findings.

Endor Labs said full-stack reachability for container images is available immediately to customers as part of its expanding AI-native application security platform.

KEY QUOTES

“Container scanning has been stuck in inventory mode, telling teams what’s installed rather than what matters. Security tools have to evolve beyond scanning components in isolation. With this acquisition and the launch of full-stack reachability, we’re delivering evidence-based visibility across the entire stack so teams can focus on real risk, reduce operational noise, and make compliance achievable.”

Varun Badhwar, CEO and Co-Founder, Endor Labs

“Traditional container scanners report every CVE in an image, forcing teams to sift through hundreds of findings manually. Full-stack reachability uses information from the application layer to understand which container image packages are loaded, identifying which packages and vulnerabilities are reachable in running applications. For regulated industries, this evidence-based approach ensures teams can focus on real risk without getting lost in noise.”

Kyle Quest, Founder, Autonomous Plane; Creator, DockerSlim