Endor Labs provides the following action policy templates that you can use to quickly create action policies.
Each policy template provides parameters to help you customize the conditions under which a policy action takes place.
All action policy templates automatically match only new findings in PR scans, provided there is a baseline that the scan results can be compared against. A finding that already exists in the baseline is not considered a match. See PR baseline and PR comments to learn more.
The following template categories are available:
Container
Use these templates to define actions for findings related to container images, including vulnerabilities in base images, installed packages, and container configurations.
Containers
Matches container findings for vulnerabilities that meet specific parameters.
The following table describes the parameters.
Custom (Advanced)
Allows you to define a custom action policy based on the attributes of the finding.
The following table describes the parameters.
Finding categories
Findings are classified into one or more of the following categories:
Finding types
Findings are classified into the following types when the packages scanned include:
GitHub Actions
Use this template to match findings from GitHub Actions workflows, such as risky action usage or supply chain issues in your CI configuration.
Ensure the relevant GitHub Action finding policies are enabled so Endor Labs raises these findings.
The following table describes the parameters.
Malware
Allows you to define the action policy to apply when a malware finding is detected, depending on its status, relationship to root packages, and ecosystem.
The following table describes the parameters.
SAST
Allows you to define the action taken when a SAST finding is raised.
SCA
Use these templates to define actions for Software Composition Analysis (SCA) findings, including vulnerabilities, outdated dependencies, unmaintained packages, license risks, and other issues in your open-source dependencies.
Containers
Matches container findings for vulnerabilities that meet specific parameters.
The following table describes the parameters.
Custom (Advanced)
Allows you to define a custom action policy based on the attributes of the finding.
The following table describes the parameters.
Malware
Allows you to define the action policy to apply when a malware finding is detected, depending on its status, relationship to root packages, and ecosystem.
The following table describes the parameters.
Outdated Releases
Matches findings for older versions of software or dependencies that are not actively updated. The following parameters are supported:
Recently Released Dependencies (cooldown)
Matches findings for recently released dependencies. Supported configuration parameters for this action policy template are:
Unmaintained Dependencies
Matches findings based on dependencies that are no longer maintained or may have reached end-of-life. The following parameters are supported:
Unpinned Direct Dependencies
Matches findings based on direct dependencies that do not have a version or a range of versions specified. Supported configuration parameters for this action policy template are:
Unreachable Direct Dependencies
Matches findings based on dependencies that are not directly used or called within a project. Supported configuration parameters for this action policy template are:
Vulnerabilities
Matches vulnerability findings that meet specific parameters.
The following table describes the parameters.
Secrets
Allows you to define the action taken when a leaked secret is detected based on the validation status of the secret.
Security Review
Use these templates to define actions for security review findings that require manual assessment or additional analysis before taking action.
Matches security review findings. The following parameters are supported:
Vulnerabilities
Use these templates to define actions for vulnerability findings, including CVEs, security advisories, and known exploits in your dependencies based on severity, exploitability, and fix availability.
Containers
Matches container findings for vulnerabilities that meet specific parameters.
The following table describes the parameters.
Custom (Advanced)
Allows you to define a custom action policy based on the attributes of the finding.
The following table describes the parameters.
Vulnerabilities
Matches vulnerability findings that meet specific parameters.
The following table describes the parameters.