Policies for CI/CD tools

Learn about the out of the box finding policies and templates for CI/CD tools used in your software development environment.

Endor Labs comes with the following predefined out-of-the-box finding policies for detecting detecting non-compliant CI/CD tool configurations. These policies are enabled by default. You can choose to edit and make changes to these policies. See Managing policies for details on policies.

  • Unauthorized Tool Usage - Raise a finding if a repository uses a tool that is specifically not approved by the company policy.
  • Require Tool Category - Raise a finding if a repository does not have any tools in a required tool category.
  • Require Tool - Raise a finding if a required tool is not detected in a repository.