The biggest security threat isn’t in the cloud, it’s hidden in the code you trust the most.

In this episode, Ron sits down with Varun Badhwar, Co-Founder & CEO of Endor Labs, who shares why research shows that nearly 80–90% of application code comes from open source and third-party libraries, not your own developers. Varun discusses the unseen risks of AI-generated software, how attackers can now weaponize vulnerabilities in hours, and why precision in security matters more than ever. He also reveals how AI can be both the ultimate accelerator and the ultimate weakness in modern development.

Impactful Moments: 00:00 - Introduction 02:00 - Varun’s journey from RedLock to Endor Labs 04:00 - Why the software supply chain is broken 07:00 - AI coding assistants and insecure code risks 10:00 - The NPM self-replicating worm discovery 13:00 - Simple controls to enforce Zero Trust in code 16:00 - Pairing AI with security to prevent slop 19:00 - AI-powered security code reviews explained 22:00 - Why 88% of code goes unused 26:00 - Developer efficiency as the new security metric 29:00 - The next wave of AI-driven software threats

Links: Connect with our Endor on LinkedIn: https://www.linkedin.com/in/vbadhwar/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/