GitHub Action policies

Endor Labs provides the following out-of-the-box policies that help you assess the security posture of GitHub Actions used in your software delivery process.

Policies for Repository Security Posture Management (RSPM) in GitHub.
Policies for evaluating configuration settings in workflow file.

See Finding Policies for details on how to enable, disable, or edit out-of-the-box policies.

Policies for RSPM

Policies for assessing configuration settings in workflow files

Secret policies

Exception policies

⌘I

Policies for RSPM
Policies for assessing configuration settings in workflow files

Introduction to Endor Labs

Setup & Deployment

Inventory & Insights

Scan with Endor Labs

Risk Remediation

Integrations

Secure AI Coding

Platform Administration

Best Practices

Research Open Source Risks

Trust & Compliance

Policies for RSPM

Policies for assessing configuration settings in workflow files

Introduction to Endor Labs

Setup & Deployment

Inventory & Insights

Scan with Endor Labs

Risk Remediation

Integrations

Secure AI Coding

Platform Administration

Best Practices

Research Open Source Risks

Trust & Compliance

​Policies for RSPM

​Policies for assessing configuration settings in workflow files

Policies for RSPM

Policies for assessing configuration settings in workflow files