February 2026

We are excited to introduce the latest features and enhancements in Endor Labs.

Endor Labs now supports AI-powered analysis for SAST findings to automatically classify them as true positives or false positives. The AI agent analyzes code context, traces data flows, and evaluates security controls to reduce false positives, helping security teams and developers focus on genuine security vulnerabilities. AI SAST analysis features require a Code Pro license.

For more information, see SAST scan with AI analysis.

The Endor Labs Bitbucket Cloud App now supports automated pull request scanning for security vulnerabilities, policy violations, and exposed secrets. You can also configure PR comments directly on your pull requests when issues are detected, helping developers address security concerns before merging code.

For more information, see Bitbucket Cloud App PR scans.

You can now use search for notifications using the policy name or Jira issue key, and also apply filters to narrow down notifications by time range, projects, notification channels, or error status. This helps you quickly locate specific notifications, identify patterns across your security events, and efficiently manage notification workflows.

For more information, see Notifications.