RSPM (Repository Security Posture Management)

Manage repository security posture and SCM configurations.

Repository Security Posture Management (RSPM) helps you secure critical components of your software supply chain, including code, open source libraries, and repository configurations, to ensure the security posture of your software development environment.

  • Out-of-the-box policies: Endor Labs comes with out-of-the-box finding policies that help you detect misconfigurations, enforce coding best practices, and stay compliant with industry standards such as CIS benchmarks for GitHub and more.

  • Regular updates: Endor Labs regularly updates its existing policies and includes new policies. Configure policy settings to ensure that you benefit from these regular updates.

  • Remediation guidance: The policies provide up-to-date insights into critical risks, so you can manage security threats before your projects even start. They also include remediation advice that can help you fix and mitigate issues.

RSPM is currently supported for:

| Platform | Support |
| --- | --- |
| GitHub Cloud | Yes |
| GitHub Enterprise Server | Yes |
| Azure DevOps | No |
| GitLab | No |
| Bitbucket | No |

  1. Review the available RSPM finding policy templates.
  2. Configure policy settings to enable automatic updates.
  3. Review findings in the and take corrective action.