Endor Labs provides comprehensive scanning capabilities to identify security issues across your software supply chain. This section covers the different types of scans available and how to configure them.

SCA (Software Composition Analysis)

Scan open source dependencies for vulnerabilities with reachability analysis.

SAST (Static Application Security Testing)

Scan your first-party code for security vulnerabilities.

Secrets Detection

Scan your codebase for leaked secrets and sensitive data.

Container Scanning

Scan container images for vulnerabilities and secure your deployments.

Malware detection

Scan dependencies for malware and understand how it is detected, classified, and scored.

AI Models

Scan for and govern AI models in your codebase.

OSS Licenses

Identify and manage open source license compliance.

RSPM (Repository Security Posture Management)

Manage repository security posture and SCM configurations.

Scan Profiles

Configure scan profiles to customize how your projects are scanned.

Pull Request scans

Scan pull requests as they are raised in your repository.

Bazel

Scan monorepos with Endor Labs using Bazel.

Working with monorepos

Scan large monorepos with strategies for performance and coverage.