This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Endor AI Chat

This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Use the Endor AI Chat to understand vulnerabilities and view recommended actions. It leverages AI to provide contextual explanations, guidance, and next steps for issues detected in your project. With AI-powered context, you can reduce time spent digging through raw data and accelerate triage and remediation.

You can use Endor Ask AI chat from multiple places across the Endor Labs application.

Ensure that the following prerequisites are in place to start using Endor Ask AI chat. You must have an active Endor Labs subscription with the Security Review license bundle and enable Code Segment Embeddings and LLM Processing in Data Privacy settings.

Perform the following steps to enable code segment embeddings and LLM processing:

  1. Select Manage > Settings from the left sidebar.

  2. Select SYSTEM SETTINGS > Data Privacy.

    Enable Code Segment Embeddings and LLM Processing
  3. Select Code Segment Embeddings and LLM Processing.

  4. Click Save Data Privacy Settings.

Perform the following steps to verify your license and feature access:

  1. Select Settings > License from the left sidebar.
  2. Verify that you have Security Review in Products and Features.

Use the AI chat to simplify technical details and generate summaries.

  1. From the left sidebar, select Projects, then search for and choose a project.
  2. Select a finding and click Ask AI to get more details.
  3. Ask questions like,
    • What systems are affected?
    • Is this vulnerability exploitable?
    • How does EPSS affect my risk?
    • What’s the CVSS vector breakdown?

vulnerabilities

From the scan history, you can analyze and compare scans to understand changes over time.

  1. From the left sidebar, select Projects, then search for and choose a project.
  2. Select SCAN HISTORY to review the past scans.
  3. Select multiple scan history entries and click Actions > Add to AI Chat.
  4. Ask questions like,
    • What changed between these scans?
    • Which issues were introduced or resolved?

scan history

ASK AI simplifies searching the Vulnerability Database by allowing users to ask natural-language questions. It provides guidance and explanations, helping users quickly interpret risk and remediation options.

  1. From the left sidebar, select Vulnerabilities.
  2. Search for a vulnerability and select a search result.
  3. Click Ask AI to get data about the vulnerability.
  4. Ask questions like,
    • How does this affect Tomcat servers?
    • Why is this considered high severity?

vulnerability database

Endor Ask AI chat agents generate answers based solely on specific data available within the Endor Labs platform. They have access only to the following data objects:

  • Findings
  • Scan results
  • Vulnerabilities
  • Package versions

Agents are designed to provide insights, explanations, and recommendations from the content of these objects. If the requested information falls outside this scope, such as external environment data, undocumented configurations, or unrelated context, the AI may not be able to generate a response.