Scan with Endor Labs
Endor Labs provides comprehensive scanning capabilities to identify security issues across your software supply chain. This section covers the different types of scans available and how to configure them.
SCA (Software Composition Analysis)
Scan open source dependencies for vulnerabilities with reachability analysis.
SAST (Static Application Security Testing)
Scan your first-party code for security vulnerabilities.
Secrets Detection
Scan your codebase for leaked secrets and sensitive data.
Container Scanning
Scan container images for vulnerabilities and secure your deployments.
Malware detection
Scan dependencies for malware and understand how it is detected, classified, and scored.
Data exporters
Export scan findings and data from Endor Labs to external storage and security platforms.
AI Models
Scan for and govern AI models in your codebase.
OSS Licenses
Identify and manage open source license compliance.
RSPM (Repository Security Posture Management)
Manage repository security posture and SCM configurations.
Pull Request scans
Scan pull requests as they are raised in your repository.
Bazel
Scan monorepos with Endor Labs using Bazel.
Working with monorepos
Scan large monorepos with strategies for performance and coverage.