Monitoring or supervisory scans
Perform monitoring scans to gain fast and broad visibility over open source risks across the application portfolio without requiring integrations into application pipelines. These scans are conducted periodically.
```mermaid
graph TD
    A(["Endor Labs App"]) -->|Continuous monitoring| B["Customer Repositories"]
    A -->|Initiate scans every 24h or on-demand| C["Endor Labs Cloud<br/>Customer data destroyed after scans"]
    B -->|Clones and scans repositories| C
    C -->|Pass scan data| D(["Endor Labs Platform<br/>Generate findings from scan results"])
    subgraph "Supervisory scan workflow"
        A
        B
        C
        D
    end
```
- GitHub App monitoring scan: You can use the Endor Labs GitHub App to scan your GitHub organizations. It provides broad visibility over your GitHub organizations. Once installed, the GitHub App will automatically clone and scan all the repositories every 24 hours, providing continuous monitoring for open source vulnerabilities. These repositories are temporarily cloned and retained only during the scan. See Scan using the GitHub App for more information.
- Azure DevOps App monitoring scan: You can use the Endor Labs Azure DevOps App to scan the projects in your Azure organizations. It provides broad visibility over your Azure organizations. Once installed, the Azure DevOps App will automatically clone and scan all Azure repos every 24 hours, providing continuous monitoring for open source vulnerabilities. These repositories are temporarily cloned and retained only during the scan. See Deploy Endor Labs Azure DevOps App for more information.
- GitLab App monitoring scan: You can use the Endor Labs GitLab App to scan your GitLab organization. It provides broad visibility over your GitLab group and subgroups. Once installed, the GitLab App will automatically clone and scan all projects every 24 hours, providing continuous monitoring for open source vulnerabilities. These repositories are temporarily cloned and retained only during the scan. See Deploy Endor Labs GitLab App for more information.
- Local monitoring scan: Perform periodic scans in your local environment. You must provide the necessary computing resources to run the scans. These scans can support any type of Git repository. See Set up Jenkins pipeline for supervisory scans.
Support Matrix
The Endor Labs features available depend on the type of scan and the SCM.
Scan capabilities
The following table lists the scan capabilities available for different types of SCM.
Feature | GitHub Cloud | Azure DevOps Cloud | GitLab Cloud |
---|---|---|---|
Reachability Analysis | ✓ | ✓ | ✓ |
CI/CD Tools | ✓ | ✓ | ✓ |
Secrets Scan | ✓ | ✓ | ✓ |
SAST | ✓ | ✓ | ✓ |
RSPM | ✓ | ✗ | ✗ |
PR Comments | ✓ | ✗ | ✗ |
PR Checks | ✓ | ✗ | ✗ |
Container Scan | ✗ | ✗ | ✗ |
Remediation
The following table lists the types of remediation available for different types of SCM.
Feature | GitHub Cloud | Azure DevOps Cloud | GitLab Cloud |
---|---|---|---|
Jira remediation | ✓ | ✓ | ✓ |
Endor Patches | ✓ | ✓ | ✓ |
PR remediation | ✓ | ✗ | ✗ |