Show Notes
AI isn’t quietly changing software development… it’s rewriting the rules while most security programs are still playing defense. When agents write code at machine speed, the real risk isn’t velocity, it’s invisible security debt compounding faster than teams can see it.
In this episode, Ron Eddings sits down with Varun Badhwar, Co-Founder & CEO of Endor Labs, and Henrik Plate, Principal Security Researcher of Endor Labs, to break down how AI-assisted development is reshaping the software supply chain in real time. From MCP servers exploding across GitHub to agents trained on insecure code patterns, they analyze why traditional AppSec controls fail in an agent-driven world and what must replace them.
This conversation pulls directly from Endor Labs’ 2025 State of Dependency Management Report, revealing why most AI-generated code is functionally correct yet fundamentally unsafe, how malicious packages are already exploiting agent workflows, and why security has to exist inside the IDE, not after the pull request.
Impactful Moments 00:00 – Introduction 02:00 – Star Wars meets cybersecurity culture 03:00 – Why this report matters now 04:00 – MCP adoption explodes overnight 10:00 – Can you trust MCP servers 12:00 – Malicious packages weaponize agents 14:00 – Code works, security fails 22:00 – Hooks expose agent behavior 28:30 – 2026 means longer lunches 33:00 – How Endor Labs fixes this
Links Connect with our Varun on LinkedIn: https://www.linkedin.com/in/vbadhwar/
Connect with our Henrik on LinkedIn: https://www.linkedin.com/in/henrikplate/
Check out Endor Labs State of Dependency Management 2025: https://www.endorlabs.com/lp/state-of-dependency-management-2025
Check out our upcoming events: https://www.hackervalley.com/livestreams
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Recent Episodes
Think Like a Hacker Before the Hack Happens with John Hammond
What if the most dangerous hackers are the ones who never touch a keyboard? The real threat isn't just about stolen credentials or ransomware; it's about understanding how attackers think before ...
Breaking Into Banks and Bypassing Modern Security with Greg ...
Three banks in four days isn't just a bragging right for penetration testers. It's a wake-up call showing that expensive security tools and alarm systems often fail when tested by skilled ...
Defending Your Cyber Systems and Your Mental Attack Surface with ...
When your firewall forgets to buckle up, the crash doesn’t happen in the network first, it happens in your blindspots. In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder ...
Thriving Beyond Human Labor with Context-Powered AI with Daniel ...
The real disruption isn’t AI replacing humans, it’s the shocking possibility that human labor was the economic bubble all along. In this episode, Ron Eddings sits down with Daniel Miessler, ...
Building EDR for AI: Controlling Autonomous Agents Before They Go ...
AI agents aren't just reacting anymore, they're thinking, learning, and sometimes deleting your entire production database without asking. The real question isn't if your AI agent will be ...
Can AI Run Your SOC Better Than You? with Ahmed Achchak
What if your security team never missed a single alert and actually had time to think strategically? In this episode, Ahmed Achchak, CEO and Co-Founder of Qevlar AI, reveals how autonomous SOCs ...
Making Cybersecurity Marketing Creative (and a Little Sexy) with ...
Who said cybersecurity had to be serious? The future of cyber is creative, human, and even a little sexy.In this special 400th episode, Ron Eddings celebrates six incredible years of Hacker ...
How to See Your Organization Like a Hacker with Chris Dale
To defend like a human, you first have to think like a hacker. In this episode, Ron Eddings sits down with Chris Dale, Co-Founder and Chief Hacking Officer at River Security, to explore the ...
Coding by Vibe: The Future of AI-Built Security with Ron Eddings
When code meets intuition, innovation gets personal. But what happens when we let AI vibe with our ideas? In this episode, Ron Eddings covers the rise of AI-driven development from Vibe Coding, ...
Learning How to Learn: Mastering the Cyber Fundamentals with Rich ...
The real edge in cybersecurity isn’t found in new tools, it’s built through timeless fundamentals and a mindset that never stops learning. In this episode, Ron sits down with Rich Greene, Senior ...
WORK WITH US
PODCASTS + SPEAKING + EVENTS
Are you the best kept secret in cybersecurity? Let's change that by partnering together for podcast ads, social campaigns, and your next event or keynote. Send us your details to get started.
Thank you!
We will be in touch soon and reach out to you at