Endor Labs provides the following exception policy templates that you can use to quickly create exception policies. Each exception policy template provides parameters to help you customize the conditions under which an exception is applied. The following template categories are available:

Container

Use these templates to define exceptions for findings related to container images, including vulnerabilities in base images, installed packages, and container configurations.

Common

Define exceptions for common use cases such as:
  • Exclude a specific finding, for a specific package, for a specific dependency.
  • Exclude all findings for a specific dependency.
  • Exclude all findings for a specific package.
  • Exclude all vulnerabilities that do not have a patch available.
The following table describes the parameters.

Custom (Advanced)

Define exceptions based on custom criteria that are less common for findings. For example, you can exclude all findings generated based on approximate scans for a specific ecosystem. The following table describes the parameters.

Vulnerabilities

Define exceptions for vulnerability findings.

SCA

Use these templates to define exceptions for Software Composition Analysis (SCA) findings, including vulnerabilities, outdated dependencies, unmaintained packages, license risks, and other issues in your open-source dependencies.

Common

Define exceptions for common use cases such as:
  • Exclude a specific finding, for a specific package, for a specific dependency.
  • Exclude all findings for a specific dependency.
  • Exclude all findings for a specific package.
  • Exclude all vulnerabilities that do not have a patch available.
The following table describes the parameters.

Custom (Advanced)

Define exceptions based on custom criteria that are less common for findings. For example, you can exclude all findings generated based on approximate scans for a specific ecosystem. The following table describes the parameters.

Vulnerabilities

Define exceptions for vulnerability findings.

Malware

Define exceptions for malware findings.

Secrets

Define exceptions for secrets findings.

Malware

Define exceptions for malware findings.

SAST

Define exceptions for SAST findings.

Vulnerabilities

Use these templates to define exceptions for vulnerability findings, including CVEs, security advisories, and known exploits in your dependencies.

Common

Define exceptions for common use cases such as:
  • Exclude a specific finding, for a specific package, for a specific dependency.
  • Exclude all findings for a specific dependency.
  • Exclude all findings for a specific package.
  • Exclude all vulnerabilities that do not have a patch available.
The following table describes the parameters.

Custom (Advanced)

Define exceptions based on custom criteria that are less common for findings. For example, you can exclude all findings generated based on approximate scans for a specific ecosystem. The following table describes the parameters.

Vulnerabilities

Define exceptions for vulnerability findings.