Scan history provides a detailed overview of past security scans performed on a project. It helps you understand your project’s security posture over time. With full context and details about individual scans in their repositories, you can assess scan fidelity and troubleshoot issues.
-
Select Projects from the left sidebar.
-
Search for and select a project to review.
-
Select SCAN HISTORY to review the past scans.
-
List of Scans: Displays all previously run scans, including details such as the scan time, duration, scan type, and tags.
-
Findings Summary: Shows the number of security findings, categorized by severity: Critical, High, Medium, or Low.
-
Commit Details: Each scan is linked to a specific commit SHA, allowing users to track security issues to specific code changes.
-
Scanned By: Identifies the user or system that initiated the scan.
-
Filtering & Search: You can filter scans by status, scan type, and time range. You can search by tags, commit SHA, or specific include or exclude file paths.
-
-
Select a record to view general information about the scan or its logs.
- View details: View scan details for in-depth information about a specific scan, including the scan status, result UUID, detected programming languages, system details, and the versions of key development tools used in the environment.
- Overview: General information about the scans.
- Logs: View scan related logs, with selectable log severity from Emergency, Alert, Critical, Error, Warning, Notice, Info, or Debug for in-depth debugging and policy evaluations.
Note
Scan logs and toolchain details are available for projects onboarded through Endor Labs cloud using the GitHub, GitLab, or the Azure DevOps Apps. The available log severities are determined by the log levels present in the selected scan result.