> ## Documentation Index
> Fetch the complete documentation index at: https://docs.endorlabs.com/llms.txt
> Use this file to discover all available pages before exploring further.

<AgentInstructions>

## Submitting Feedback

If you encounter incorrect, outdated, or confusing documentation on this page, submit feedback:

POST https://docs.endorlabs.com/feedback

```json
{
  "path": "/introduction/getting-started/index",
  "feedback": "Description of the issue"
}
```

Only submit feedback when you have something specific and actionable to report.

</AgentInstructions>

# Getting started

This guide provides instructions to set up and configure Endor Labs to get started with your first project scan. See [Endor Labs user interface](/introduction/endor-labs-ui) for more information on the user interface and the main elements available in the interface.

## Log in to Endor Labs

<Tip>
  You need an Endor Labs account and a tenant to use Endor Labs.
</Tip>

1. Visit [https://app.endorlabs.com](https://app.endorlabs.com) to access the login page.
2. You can sign in to Endor Labs with the following options:
   * Google Workspace
   * GitHub
   * GitLab
   * Email Link
   * [Supported enterprise SSO providers](/platform-administration/rbac/authentication-providers/custom-identity-providers)
3. Select **Get Started** on the left sidebar to explore the available options.

   * Select **Start Tour** to take a guided tour of the application and understand its main features.
   * Select **Explore Demo Sandbox** to view Endor Labs capabilities and explore its features in a read-only tenant.
   * Select **SCAN WITH GitHub App** to install the Endor Labs GitHub App.
   * Select **SCAN VIA GitHub Actions** to scan a demo repository from GitHub and view findings.
   * Select **SCAN VIA CLI** to set up your tenant and start scanning your repositories with the CLI.

   <img src="https://mintcdn.com/endorlabs-b4795f4f/2CFeZIRm7eKUPEq0/images/introduction/getting-started/githubapp-gettingstarted.webp?fit=max&auto=format&n=2CFeZIRm7eKUPEq0&q=85&s=639386ea79d3cec6893edc73b7c57424" alt="Scan with GitHub App landing page" width="1905" height="830" data-path="images/introduction/getting-started/githubapp-gettingstarted.webp" />

## Quick start with GitHub App

Endor Labs provides a GitHub App that continuously monitors users’ projects for security and operational risk. You can use the GitHub App to selectively scan your repositories for SCA, secrets, RSPM, or GitHub Actions. GitHub App scans also establish baselines that are subsequently used during CI scans.

The GitHub App (Pro) facilitates PR remediation. See [PR remediation](/risk-remediation/automated-pull-requests#understanding-remediation-prs) for more information.

<Warning>You can only install either the GitHub App or the GitHub App (Pro) in your environment.</Warning>

### Prerequisites for GitHub App

Before installing and scanning projects with Endor Labs GitHub App, make sure you have:

* A GitHub cloud account and organization. If you don't have one, create one at [GitHub](https://www.github.com).
* Administrative permissions to your GitHub organization. Installing the Endor Labs GitHub App in your organization requires approval or permissions from your GitHub organizational administrator.
* Endor Labs GitHub App requires read permissions to Dependabot alerts, actions, administration, checks, code, commit statuses, issues, metadata, packages, pull requests, repository hooks, and security events. It does not need write access to any resources.

### Set up the GitHub App with Endor Labs

To set up Endor Labs GitHub App:

1. Sign in to Endor Labs and select **Get Started** from the left sidebar.

2. Select **SCAN WITH GitHub App** and click **Install GitHub App Pro**.

   Deselect **Enable Automated Pull Requests** to disable [automatic PR remediation](/risk-remediation/automated-pull-requests) and to install the [GitHub App](/setup-deployment/scm-integrations/github-app-pro/github-app).

3. See [Deploy Endor Labs GitHub App (Pro)](/setup-deployment/scm-integrations/github-app-pro) for detailed installation steps and configuration options.

4. After installation, Endor Labs scans your repositories to generate findings and re-scans your repository every 24 hours. See [Findings](/inventory-insights/findings) for more information on the findings generated by the scans.

5. See [Review the results of your project](#review-the-results-of-your-project) for details on findings and analysis.

## Quick start with endorctl

Use endorctl to perform comprehensive security analysis across your codebase, including software composition analysis, dependency management, secret detection, and evaluation of GitHub configuration against best practices. Send results to your Endor Labs tenant.

### Set up endorctl with Endor Labs

To set up endorctl:

1. Sign in to Endor Labs and select **Get Started** from the left sidebar.
2. Select **SCAN VIA CLI** to configure your tenant and start scanning with the CLI.

See [Install and configure endorctl](/setup-deployment/cli) and [Scan using endorctl](/setup-deployment/cli/scan-using-endorctl) for more information on setup and running scans.

## Review the results of your project

To inspect your project results and understand scan outcomes:

1. Select **Projects** from the left sidebar.

2. Select your project to open its overview.

3. In the **Findings** section, review the severity summary for that project:

   * C: Critical
   * H: High
   * M: Medium
   * L: Low

4. Under **Packages**, select the icon next to the count to view the following information:

   * **Project metadata:** Includes the project UUID, repository details, dependencies, and repository versions.
   * **Findings breakdown:** Shows how issues spread across dependencies, packages, repositories, secrets, and CI workflows.

5. Select **View details** to explore findings and review detailed analysis across dependencies, code, and secrets. See [Findings](/inventory-insights/findings) for more information.

<img src="https://mintcdn.com/endorlabs-b4795f4f/2CFeZIRm7eKUPEq0/images/introduction/getting-started/locally-scanned-project.webp?fit=max&auto=format&n=2CFeZIRm7eKUPEq0&q=85&s=33d1a59c9eb23150ee84cc549a83ff7b" alt="Locally Scanned Project" width="3080" height="1784" data-path="images/introduction/getting-started/locally-scanned-project.webp" />