Endor Labs buys Autonomous Plane for full-stack security

Endor Labs has acquired Autonomous Plane, a company founded by Kyle Quest, creator of DockerSlim, in a move designed to extend its platform’s capabilities across the full software stack.

The acquisition strengthens Endor Labs’ AI-native application security offering by introducing full-stack reachability, enabling organisations to trace vulnerabilities from application source code through to container images.

While the financial terms of the deal were not disclosed, the transaction is aimed at addressing growing security blind spots created by AI-generated software and modern development practices.

Endor Labs provides AI-native application security solutions that help enterprises prioritise and remediate vulnerabilities in increasingly complex software environments. Its platform focuses on analysing open-source dependencies and application code, enabling teams to identify which vulnerabilities are truly exploitable rather than simply present.

By combining static dependency graph analysis with automated runtime profiling, the company claims it can filter out up to 90% of false positives typically flagged by traditional scanners.

Autonomous Plane specialises in cloud-native application security, with technology designed to model applications end-to-end. Founded by Kyle Quest, the company developed tooling that integrates static and dynamic container analysis with source code examination. Through the acquisition, Quest joins Endor Labs, bringing expertise in container optimisation and security, particularly through his earlier work on DockerSlim.

The combined platform introduces what Endor Labs describes as the industry’s first full-stack reachability approach, unifying software composition analysis (SCA) findings and container image vulnerability analysis. Traditional tools often assess application code and container images separately, leaving gaps in visibility. By correlating vulnerabilities across code, language runtimes and operating system components, Endor Labs aims to give security teams a clearer, evidence-based view of risk.

The move comes at a time when AI coding agents are increasingly generating complete software artefacts, spanning code, open-source libraries and container images. This interconnected approach to development can create security blind spots, particularly when point-in-time scanning fails to account for runtime behaviour and component interaction. For regulated industries, the stakes are especially high, as frameworks such as FedRAMP impose strict remediation timelines for vulnerabilities.

Container images often include hundreds of general-purpose libraries, many of which are not actually used by the running application. Without reachability analysis, security teams may spend valuable engineering time addressing vulnerabilities in unused components or risk non-compliance by overlooking critical, exploitable flaws.

Endor Labs CEO and co-founder Varun Badhwar said, “Container scanning has been stuck in inventory mode, telling teams what’s installed rather than what matters. Security tools have to evolve beyond scanning components in isolation. With this acquisition and the launch of full-stack reachability, we’re delivering evidence-based visibility across the entire stack so teams can focus on real risk, reduce operational noise, and make compliance achievable.”

Quest added, “Traditional container scanners report every CVE in an image, forcing teams to sift through hundreds of findings manually. Full-stack reachability uses information from the application layer to understand which container image packages are loaded, identifying which packages and vulnerabilities are reachable in running applications. For regulated industries, this evidence-based approach ensures teams can focus on real risk without getting lost in noise.”

Copyright © 2026 FinTech Global
