When AI Ships the Code, Who Owns the Risk with Varun Badhwar and Henrik Plate

from Hacker Valley Studio · host Hacker Valley Media

AI isn’t quietly changing software development… it’s rewriting the rules while most security programs are still playing defense. When agents write code at machine speed, the real risk isn’t velocity, it’s invisible security debt compounding faster than teams can see it. In this episode, Ron Eddings sits down with Varun Badhwar, Co-Founder & CEO of Endor Labs, and Henrik Plate, Principal Security Researcher of Endor Labs, to break down how AI-assisted development is reshaping the software supply chain in real time. From MCP servers exploding across GitHub to agents trained on insecure code patterns, they analyze why traditional AppSec controls fail in an agent-driven world and what must replace them. This conversation pulls directly from Endor Labs’ 2025 State of Dependency Management Report, revealing why most AI-generated code is functionally correct yet fundamentally unsafe, how malicious packages are already exploiting agent workflows, and why security has to exist inside the IDE, not after the pull request. Impactful Moments 00:00 – Introduction 02:00 – Star Wars meets cybersecurity culture 03:00 – Why this report matters now 04:00 – MCP adoption explodes overnight 10:00 – Can you trust MCP servers 12:00 – Malicious packages weaponize agents 14:00 – Code works, security fails 22:00 – Hooks expose agent behavior 28:30 – 2026 means longer lunches 33:00 – How Endor Labs fixes this Links Connect with our Varun on LinkedIn: https://www.linkedin.com/in/vbadhwar/ Connect with our Henrik on LinkedIn: https://www.linkedin.com/in/henrikplate/ Check out Endor Labs State of Dependency Management 2025: https://www.endorlabs.com/lp/state-of-dependency-management-2025 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

What this episode covers

AI isn’t quietly changing software development… it’s rewriting the rules while most security programs are still playing defense. When agents write code at machine speed, the real risk isn’t velocity, it’s invisible security debt compounding faster than teams can see it. In this episode, Ron Eddings sits down with Varun Badhwar, Co-Founder & CEO of Endor Labs, and Henrik Plate, Principal Security Researcher of Endor Labs, to break down how AI-assisted development is reshaping the software supply chain in real time. From MCP servers exploding across GitHub to agents trained on insecure code patterns, they analyze why traditional AppSec controls fail in an agent-driven world and what must replace them. This conversation pulls directly from Endor Labs’ 2025 State of Dependency Management Report, revealing why most AI-generated code is functionally correct yet fundamentally unsafe, how malicious packages are already exploiting agent workflows, and why security has to exist inside the IDE, not after the pull request. Impactful Moments00:00 – Introduction02:00 – Star Wars meets cybersecurity culture03:00 – Why this report matters now04:00 – MCP adoption explodes overnight10:00 – Can you trust MCP servers12:00 – Malicious packages weaponize agents14:00 – Code works, security fails22:00 – Hooks expose agent behavior28:30 – 2026 means longer lunches33:00 – How Endor Labs fixes this LinksConnect with our Varun on LinkedIn: https://www.linkedin.com/in/vbadhwar/ Connect with our Henrik on LinkedIn: https://www.linkedin.com/in/henrikplate/ Check out Endor Labs State of Dependency Management 2025: https://www.endorlabs.com/lp/state-of-dependency-management-2025 Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional:https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

NOW PLAYING

When AI Ships the Code, Who Owns the Risk with Varun Badhwar and Henrik Plate

0:00 35:00

1×

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

Visionary Archetypes for Worldbuilding

Apr 15, 2026 ·28m

Worldbuilding in a Dumpster Fire

Mar 12, 2026 ·14m

New Moon Eclipse in Aquarius

Feb 17, 2026 ·21m

Becoming a Dream of the Earth

Feb 14, 2026 ·11m

Grief as a Doorway with Melissa Word

Jan 5, 2026 ·61m

The Creative Rites of Winter

Dec 29, 2025 ·33m

Similar Podcasts

2 Old Ladies Walking Rozee 2 Old Ladies Walking features the journeys, insights, and light conversation between Liz and Rosie, two women of a certain age who live in the Hudson Valley of New York. From pelvic floor challenges and life with young adult children to food, bird calls, fear of “mad lamb” disease, and myriad topics in between, we cover it all while walking on the scenic trails of the northeast, or wherever our travels take us. Join us and have a listen! Soft, Earthen Futures Storywork Studio Soft, Earthen Futures is a podcast about imagining and crafting a more whole world. We explore what it means to stand at the threshold between what has been and what is trying to emerge, tending to that in-between space, listening for what the earth is dreaming through us, and giving those visions form. This show is for wild-hearted creatives, entrepreneurs, and visionaries. Hosted by founder, story doula, and eco-somatic depth guide, Daje Aloh. You Bet Your Garden Lehigh Valley Public Media “You Bet Your Garden” touted as an hour of “chemical-free horticultural hijinks,” is a weekly, nationally syndicated broadcast hosted by Mike McGrath. It is produced in the studios of PBS39 in Bethlehem, PA. This weekly call-in program offers ‘fiercely organic’ advice to gardeners far and wide. Celebration of Life Church Bozeman COLC It is our desire at Celebration of Life Church to reach into Bozeman and the entire Gallatin Valley with the Gospel of Jesus Christ and impact it for the Kingdom of God; to go beyond the four walls of the church and touch people in our community with the love of God; and to share the goodness of God in such a way that it will draw all men into a loving relationship with the One True Living God. We also desire to train up in the Word of God and encourage them to take the Gospel message to our community through various outreaches and evangelism. Enjoy our podcast and feel free to visit us.

Frequently Asked Questions

How long is this episode of Hacker Valley Studio?

This episode is 35 minutes long.

When was this Hacker Valley Studio episode published?

This episode was published on January 8, 2026.

What is this episode about?

Can I download this Hacker Valley Studio episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.

URL copied to clipboard!