Scan history provides a detailed overview of past security scans performed on a project. It helps you understand your project’s security posture over time. With full context and details about individual scans in their repositories, you can assess scan fidelity and troubleshoot issues.
  1. Select Projects from the left sidebar.
  2. Search for and select a project to review.
  3. Select Scan history to review the past scans.
    • List of Scans: View all past scans, including details such as the scan time, duration, scan type, and tags.
    • Findings Summary: Review the number of security findings, categorized by severity: Critical, High, Medium, or Low.
    • Commit Details: Each scan is linked to a specific commit SHA, allowing users to track security issues to specific code changes.
    • Scanned By: Identifies the user or system that initiated the scan.
    • Filtering & Search: You can filter scans by status, scan type, and time range. You can search by tags, commit SHA, or specific include or exclude file paths. For example, you can select Container as a scan type from the dropdown list.
      The analytics scan is a periodic, automated scan that the system runs to refresh findings without any user action. The system runs this scan only when the analytics-check scan detects changes or new vulnerabilities. The analytics-check scan is an automated, recurring process that checks for changes or newly introduced vulnerabilities and skips the analytics scan if no changes are detected.
  4. Select a record to view general information about the scan or its logs.
    • Overview: View general information about the scan, including the scan status, result UUID, detected programming languages, system details, and the versions of key development tools used in the environment.
    • Issues: View additional errors and warnings from the scan. This section appears only when the scan reports errors or warnings.
    • Logs: Monitor scan logs, even while scans are running, and filter them by severity level (Emergency, Alert, Critical, Error, Warning, Notice, Info, or Debug) for in-depth debugging and policy evaluations. You can access scan logs and toolchain details for projects onboarded through Endor Labs cloud using the GitHub, GitLab, or Azure DevOps Apps. The log levels in the selected scan result determine the available log severities. For SAST and secret findings, logs include the file path and line numbers where the issue was detected.
    • Deleted Findings: View findings that are resolved in a particular scan. This section appears only when the scan resolves one or more findings. Each entry shows the finding name, severity, category, first detected time, and attribute tags. You can also copy the finding UUID.