Skip to main content

Overview

Endor Labs is a software composition analysis (SCA) platform that provides deep visibility into your software dependencies and their associated security risks. This integration connects Backline with Endor Labs to automatically import vulnerability findings, enabling centralized remediation workflows.

What You Can Do

With the Endor Labs integration, Backline can:
  • Automatically import SCA vulnerability findings from Endor Labs
  • Track vulnerabilities detected across your repositories
  • Create remediation workflows for imported vulnerabilities
  • Maintain vulnerability detection timestamps from Endor Labs
  • Centralize security vulnerabilities from multiple scanners in one place

Prerequisites

Before connecting Endor Labs, ensure you have:
  • An Endor Labs account with access to the namespace you want to monitor
  • An API key with read-only permissions
  • Access to the Integration Hub in Backline
  • A connected source control management (SCM) integration in Backline (e.g., GitHub, GitLab)

Generating an API Key

1

Log in to Endor Labs

Access your Endor Labs dashboard at https://app.endorlabs.com
2

Navigate to Access Control

Select Settings > Access Control from the left sidebar, then click on API Keys.
3

Generate API Key

Click Generate API Key and enter a name to identify the key (e.g., “Backline Integration”).
4

Select Permissions

Select the Read-only role for the API key. This provides sufficient access for Backline to fetch vulnerability findings.
5

Set Expiry Period

Choose an expiry period for the key (30 days, 60 days, 90 days, or one year). Note that you will need to regenerate the key before it expires.
6

Copy Credentials

Copy both the API Key and API Secret. Store them securely as the secret will only be shown once.
Store your API key and secret securely. The API secret will only be shown once during creation.
For more details on API key creation, refer to the Endor Labs API Keys documentation.

Connecting Endor Labs

1

Navigate to Integrations

In Backline, go to the Integration Hub from the main menu.
2

Select Endor Labs

Find and click on the Endor Labs integration card.
3

Enter Connection Details

In the connection form, enter:
  • Namespace: Your Endor Labs namespace (organization name)
  • API Key: The API key you generated
  • API Secret: The API secret you generated
4

Test Connection

Click Connect to verify your credentials. Backline will test the connection to ensure the credentials are valid and have access to the specified namespace.

How It Works

Once connected, Backline will:
  1. Fetch Vulnerabilities: Periodically scan Endor Labs for new SCA vulnerability findings
  2. Filter Relevant Issues: Import only Vulnerability Category findings that contain CVE information
  3. Map to Repositories: Associate vulnerabilities with the correct repositories in your Backline workspace
  4. Track Detection Time: Preserve the original detection timestamp from Endor Labs

Supported Finding Types

Backline imports findings from Endor Labs that meet the following criteria:
  • Finding Category: Vulnerability (SCA vulnerabilities)
  • CVE Identifier: Only findings with an associated CVE are imported
Other finding categories such as license risks, secrets, or policy violations are not imported.

Scan Schedule

After connecting Endor Labs, Backline automatically schedules periodic scans to fetch new vulnerabilities. The scan runs every 6 hours to ensure your vulnerabilities stay up to date.
The initial scan begins shortly after the integration is connected. You can view imported findings in the Vulnerabilities section.

Managing the Integration

Viewing Connection Status

To check your Endor Labs connection:
  1. Open the Integration Hub
  2. Find the Endor Labs card
  3. A Configure button indicates the integration is connected

Reconnecting

If your API key expires or needs to be updated:
  1. Click Configure on the Endor Labs card
  2. Enter the new API key and secret
  3. Click Connect to verify the new credentials

Troubleshooting

Connection Failed

If the connection test fails:
  • Verify your namespace name is correct
  • Ensure your API key and secret are correct and have not expired
  • Confirm the API key has read-only access to the specified namespace
  • Check that your network allows connections to Endor Labs API

Missing Vulnerabilities

If expected vulnerabilities are not appearing:
  • Only SCA vulnerability findings with CVE identifiers are imported
  • Verify the relevant repositories are accessible to Backline via your connected SCM integration
  • Ensure the Endor Labs project is associated with a git repository that matches your SCM repositories
  • Check that the finding exists in Endor Labs under the Vulnerability category

Repositories Not Matched

If vulnerabilities from certain projects are not appearing:
  • Backline matches Endor Labs projects to your SCM repositories using the repository URL
  • Ensure the git repository URL in Endor Labs matches the repository in your connected SCM
  • Verify the repository is accessible via your SCM integration in Backline