Skip to main content
We are excited to introduce the latest features and enhancements in Endor Labs.

Export findings to Wiz New

Endor Labs now supports exporting SCA and SAST findings to Wiz after scheduled scans on the default branch. Findings map to Wiz enrichment schemas and appear in the Wiz Security Graph so you can correlate code risk with cloud context. For more information, see Export findings to Wiz.

Endor Labs Skills Beta New

Endor Labs Skills are pre-built AI agent instructions that automate common security workflows using endorctl. Skills provide structured prompts that guide your AI coding assistant through tasks like installing and configuring endorctl, authenticating with identity providers, scanning repositories for vulnerabilities, and running secrets and SAST scans. Skills are available for Claude Code and Cursor. For more information, see Skills.

Scala Bzlmod support for Bazel repositories New

Endor Labs now supports software composition analysis for Scala projects in Bazel repositories that use Bzlmod for external dependency management. Bzlmod support requires Bazel aspects with rules_scala >= 5.0.0. For more information, see Bazel and Bazel Aspects.

Bitbucket Data Center App PR scans Beta New

The Endor Labs Bitbucket Data Center App now supports automated pull request scanning for security vulnerabilities, policy violations, and exposed secrets. You can also configure PR comments directly on your pull requests when issues are detected, helping developers address security concerns before merging code. For more information, see Bitbucket Data Center App PR scans.

Snooze findings New

You can now snooze findings to temporarily dismiss them and choose when they should reappear, making it easier to defer action on findings without creating permanent exception policies. For more information, see Snooze findings.

Dismiss findings using ignore files New

You can use an ignore file in your repository to exclude specific findings from scan results. The file is read during a scan and applies only to the repository version that contains it. Entries that match the file are excluded from the findings view and do not trigger action policies. For more information, see Dismiss findings using an ignore file and Allow ignore files to dismiss findings.

Container registry scanning Beta New

Endor Labs now supports scanning container images directly from container registries. Use endorctl container registry commands to:
  • Discover container images across repositories.
  • Apply filters to control the scan scope.
  • Create and reuse scan plans for repeated scans.
For more information, see Container registry scanning.

Package Firewall Beta New

Endor Labs introduces Package Firewall, which inspects package requests during installation and blocks packages identified as malware in real time. Package Firewall integrates with JFrog Artifactory to route package traffic through the firewall before packages are downloaded. Malicious packages are blocked before they reach developer environments or CI pipelines. For more information, see Package Firewall.

Rush monorepo support for JavaScript and TypeScript New

Endor Labs now offers support for scanning JavaScript and TypeScript projects in Rush monorepos by resolving dependencies from rush.json and the centralized lock file. For more information, see Scan Rush monorepos.

Endor Labs MCP server support for additional platforms Beta Enhancement

The Endor Labs MCP server now supports Claude Code, OpenAI Codex, Devin, Augment Code, and IntelliJ IDEA, in addition to the previously supported Cursor, Visual Studio Code, and Gemini CLI platforms. You can integrate the MCP server into your preferred AI-powered development workflow to scan code in real-time and catch security issues before they reach production. For more information, see MCP Server.