Endor Labs has acquired Autonomous Plane, a cloud-native application security company founded by Kyle Quest, creator of DockerSlim.
The deal strengthens Endor Labs’ position in the application security market by extending its platform capabilities across the full software stack.
The acquisition is designed to expand Endor Labs’ AI-native application security platform to deliver full-stack reachability from code to container. Financial terms of the transaction were not disclosed.
By integrating Autonomous Plane’s technology, Endor Labs aims to improve vulnerability prioritisation and enhance security for modern, AI-generated software environments, where traditional point-in-time scanning tools often fail to detect interconnected risks.
Endor Labs provides AI-native application security designed to help organisations secure software built using AI coding agents and modern development pipelines. Its platform focuses on identifying and prioritising vulnerabilities across codebases, open-source dependencies and containerised environments.
The company seeks to reduce operational noise and enable teams to concentrate on genuine security threats rather than being overwhelmed by excessive alerts.
Autonomous Plane, founded by Kyle Quest, specialises in cloud-native application security. Quest, known as the creator of DockerSlim, developed technology that enables full-stack reachability by combining source code analysis with both dynamic and static container analysis.
This approach models applications end-to-end, tracing the impact of vulnerabilities from application code through language runtimes and operating system components.
Through the integration of Autonomous Plane’s technology, Endor Labs introduces full-stack reachability that couples static dependency graph analysis with automatic runtime profiling. This method identifies which vulnerabilities are genuinely exploitable, filtering out up to 90% of false positives typically reported by conventional scanners.
Unlike solutions that focus solely on application code reachability, Endor Labs claims to deliver the industry’s first full-stack model, correlating software composition analysis (SCA) findings with container image vulnerabilities.
The acquisition comes as AI coding agents increasingly generate complete software artefacts, including code, open-source dependencies and container images. This shift has created new security blind spots, as traditional scanning tools examine components in isolation rather than as part of a connected system.
The evidence-based approach introduced by Endor Labs is positioned as particularly valuable for regulated sectors. Standards such as FedRAMP impose strict remediation timelines, yet container base images often include hundreds of general-purpose libraries that are never used. Without reachability analysis, organisations may spend significant engineering time addressing vulnerabilities in unused components or risk penalties by overlooking critical issues hidden within excessive findings.
Endor Labs CEO and co-founder Varun Badhwar said, “Container scanning has been stuck in inventory mode, telling teams what’s installed rather than what matters. Security tools have to evolve beyond scanning components in isolation. With this acquisition and the launch of full-stack reachability, we’re delivering evidence-based visibility across the entire stack so teams can focus on real risk, reduce operational noise, and make compliance achievable.”
Quest said, “Traditional container scanners report every CVE in an image, forcing teams to sift through hundreds of findings manually. Full-stack reachability uses information from the application layer to understand which container image packages are loaded, identifying which packages and vulnerabilities are reachable in running applications. For regulated industries, this evidence-based approach ensures teams can focus on real risk without getting lost in noise.”
Keep up with all the latest RegTech news here
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
