Hugging Face organization model inventory
New Endor Labs can now scan all models in a Hugging Face organization, and score them for security, activity, popularity, and quality. Connect your organization using a Hugging Face access token to scan public and private models and score them. For more information, see Hugging Face organization models.Google Artifact Registry support for Package Firewall
New You can now route package installations for npm, PyPI, and Maven through the Package Firewall using Google Artifact Registry. Configure a remote repository with the Package Firewall as its custom upstream, and every request is checked against the Endor Labs malware database and your policies to block, warn, or allow the package installation. For more information, see Configure the Package Firewall with Google Artifact Registry.User attribution for Package Firewall
New Each package installation request routed through the Package Firewall can now be attributed to the developer and machine that initiated it. User attribution tags every request with the requester’s identity in the format<user>@<machine>. Configure user attribution through the MDM deployment scripts and view the attributed identity in the Package Firewall logs.
For more information, see User attribution.