Monitoring or supervisory scans
Perform monitoring scans to gain fast and broad visibility over open source risks across the application portfolio without requiring integrations into application pipelines. These scans are conducted periodically and can also establish baselines that are subsequently used during CI scans.
-
GitHub App monitoring scan: You can use the Endor Labs GitHub App to scan your GitHub organizations. It provides broad visibility over your GitHub organizations. Once installed, the GitHub App will automatically clone and scan all the repositories every 24 hours, providing continuous monitoring for open source vulnerabilities. These repositories are temporarily cloned and retained only during the scan. See Scan using the GitHub App for more information.
-
Azure DevOps App monitoring scan: You can use the Endor Labs Azure DevOps App to scan your Azure projects organizations. It provides broad visibility over your GitHub organizations. Once installed, the Azure DevOps App will automatically clone and scan all Azure repos every 24 hours, providing continuous monitoring for open source vulnerabilities. These repositories are temporarily cloned and retained only during the scan. See Deploy Endor Labs Azure DevOps App for more information.
-
Local monitoring scan: Perform periodic scans in your local environment. You must provide the necessary computing resources to run the scans. These scans are not restricted to GitHub and can support any type of Git repository. See Set up Jenkins pipeline for supervisory scans.
Feedback
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.