Endor Labs
Endor Labs is an application security tool that helps organizations identify and remediate security findings in their softwares. You can bring package, project, repository, and other security data from Endor Labs into Brinqa to construct a unified view of your attack surface, thus strengthening your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with Endor Labs and how to obtain that information from Endor Labs. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Endor Labs from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to integrate Endor Labs with Brinqa:
-
API URL: The Endor Labs API URL. The default URL is
https://api.endorlabs.com. -
Namespace: The Endor Labs namespace associated with your organization. For additional information, see Endor Labs documentation for Namespaces.
-
API Key ID & API Key Secret: The API credentials associated with the Endor Labs account, which must have permissions to log in to the API server and return data.
Generate Endor Labs API credentials
For the Endor Labs connector to use the Endor Labs API, you must generate API credentials. To do so, follow these steps:
-
Log in to your organization's Endor Labs portal as an administrator.
-
Navigate to Access Control > API Keys.
-
Click Generate API Key.
-
Provide a name and select the desired role(s) for the API key.
Brinqa recommends using the Read-only role, as this is considered to be the minimum role required to retrieve data from the Endor Labs API without administrative privileges. For additional information, see the Endor Labs documentation for Authorization roles.
-
Set an expiry date for the token. Options include: 30 days, 60 days, 90 days, or one year.
Your new API keys display. You can't view the keys again after this. Copy and save them to a secure location.
noteIf you do not have permission to create API credentials, contact your Endor Labs administrator. By default, API keys apply to the current namespace and all of its child namespaces. If this behavior is not desired, you can adjust the scope of the API key after creation. For more information, see the Endor Labs documentation on API keys.
Additional settings
The Endor Labs connector contains additional options for specific configuration:
-
Page size: The maximum number of records to get per API request. The default setting is 100. It is not recommended to go over 100.
-
Max retries: The maximum number of times that the integration attempts to connect to the Endor Labs API before giving up and reporting a failure. The default setting is 5.
Types of data to retrieve
The Endor Labs connector can retrieve the following types of data from the Endor Labs API:
Table 1: Data retrieved from Endor Labs
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Finding | No | Static Code Finding |
| Finding Definition | No | Static Code Finding Definition |
| Package | No | Package |
| Project | No | Code Project |
| Repository | No | Code Repository |
For detailed steps on how to view the data retrieved from Endor Labs in the Brinqa Platform, see How to view your data.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes.
Finding
Table 2: Finding attribute mappings
| Source Field Name | Maps to Brinqa Attribute |
|---|---|
| finding.meta.createTime (as an instant) | firstFound |
| finding.meta.description, or if missing, use uid | name |
| finding.meta.parentKind | parentKind |
| finding.meta.parentUuid | targets |
| finding.meta.updateTime (as an instant) | lastSeen |
| finding.spec.findingCategories | categories |
| finding.spec.findingMetadata.sourcePolicyInfo.name | policyName |
| finding.spec.findingTags | tags |
| finding.spec.level | level |
| finding.spec.projectUuid | projectId |
| finding.spec.remediation | remediation |
| finding.spec.remediationAction | recommendation |
| finding.spec.summary | summary |
| finding.spec.targetDependencyName | packageName |
| finding.spec.targetDependencyVersion | packageVersion |
| finding.tenantMeta.namespace | namespace |
| finding.uuid | uid |
Finding Definition
Table 3: Finding Definition attribute mappings
| Source Field Name | Maps to Brinqa Attribute |
|---|---|
| findingMetadata.cvssVersion | cvssVersion |
| findingMetadata.description | description |
| findingMetadata.name, or if missing, finding.meta.description, or if missing, use UID | name |
| findingMetadata.vulnerability.cveId | cveIds |
| findingMetadata.vulnerability.spec.affected.versions | affectedVersion |
| findingMetadata.vulnerability.spec.cvssV3Severity.level | cvssV3Severity |
| findingMetadata.vulnerability.spec.cvssV3Severity.score | cvssV3BaseScore |
| findingMetadata.vulnerability.spec.cvssV3Severity.temporalScore | cvssV3TemporalScore |
| findingMetadata.vulnerability.spec.cvssV3Severity.vector | cvssV3Vector |
| findingMetadata.vulnerability.spec.cvssV4Severity.baseLevel | cvssV4BaseLevel |
| findingMetadata.vulnerability.spec.cvssV4Severity.baseScore | cvssV4BaseScore |
| findingMetadata.vulnerability.spec.cvssV4Severity.environmentalLevel | cvssV4EnvironmentalLevel |
| findingMetadata.vulnerability.spec.cvssV4Severity.environmentalScore | cvssV4EnvironmentalScore |
| findingMetadata.vulnerability.spec.cvssV4Severity.threatLevel | cvssV4ThreatLevel |
| findingMetadata.vulnerability.spec.cvssV4Severity.threatScore | cvssV4ThreatScore |
| findingMetadata.vulnerability.spec.cvssV4Severity.vector | cvssV4Vector |
| findingMetadata.vulnerability.spec.epssScore.percentileScore | epssPercentile |
| findingMetadata.vulnerability.spec.epssScore.probabilityScore | epssScore |
| findingMetadata.vulnerability.spec.references.url | references |
Package
Table 4: Package attribute mappings
| Source Field Name | Maps to Brinqa Attribute |
|---|---|
| packageVersion.meta.createTime (as an instant) | sourceCreatedDate |
| packageVersion.meta.tags | tags |
| packageVersion.spec.ecosystem | ecosystem |
| packageVersion.spec.packageName, or if missing, meta.name, or if missing, use uid | name |
| packageVersion.spec.projectUuid | projectId |
| packageVersion.spec.releaseTimestamp (as an instant) | releaseDate |
| packageVersion.tenantMeta.namespace | namespace |
| packageVersion.uuid | uid |
Project
Table 5: Project attribute mappings
| Source Field Name | Maps to Brinqa Attribute |
|---|---|
| project.meta.createTime (as an instant) | sourceCreatedDate |
| project.meta.tags | tags |
| project.processingStatus.scanTime (as an instant) | lastScanned |
| project.spec.git.fullName | fullName |
| project.spec.git.fullName, or if missing, project.meta.name, or if missing, use uid | name |
| project.spec.git.webUrl | webUrl |
| project.spec.platformSource | platformSource |
| project.tenantMeta.namespace | namespace |
| project.uuid | uid |
Repository
Table 6: Repository attribute mappings
| Source Field Name | Maps to Brinqa Attribute |
|---|---|
| repository.spec.defaultBranch | defaultBranch |
| repository.meta.createTime (as an instant) | sourceCreatedDate |
| repository.meta.name | url |
| repository.meta.name, or if missing, use uid | name |
| repository.meta.parentUuid | projectId |
| repository.meta.tags | tags |
| repository.meta.updateTime (as an instant) | sourceLastModified |
| repository.spec.platformSource | platformSource |
| repository.tenantMeta.namespace | namespace |
| repository.uuid | uid |
Operation options
The Endor Labs connector supports the following operation options. See connector operation options for information about how to apply them.
Table 7: Endor Labs connector operation options
| Connector Object | Option | All Possible Values | Description | Example |
|---|---|---|---|---|
| Project | filter | Any valid Endor Labs REST API filter expression | A filter expression passed directly to the Endor Labs REST API to limit the projects retrieved by the connector. For details on constructing filter expressions, see the Endor Labs Filters documentation. | Key: filter Value: spec.git exists. This key and value combination only retrieves projects where the git field is defined in the spec section of the Endor Labs API response. |
The option keys and values are case-sensitive as they are shown in this documentation.
APIs
The Endor Labs connector uses the Endor Labs REST API. Specifically, it uses the following endpoints:
Table 8: Endor Labs API Endpoints
| Connector Object | API Endpoints |
|---|---|
| Finding | GET /v1/namespaces/{{namespace}}/findings |
| Finding Definition | GET /v1/namespaces/{{namespace}}/findings |
| Package | GET /v1/namespaces/{{namespace}}/package-versions |
| Project | GET /v1/namespaces/{{namespace}}/projects |
| Repository | GET /v1/namespaces/{{namespace}}/repositories |
Sample responses
The following sample responses illustrate the structure of the data returned by the Endor Labs API for each connector object.
Finding sample response
{
"list": {
"objects": [
{
"uuid": "67a245681179666901e4dadb",
"tenant_meta": {
"namespace": "demo-trial"
},
"meta": {
"create_time": "2025-02-04T16:50:48.383Z",
"update_time": "2025-09-10T01:53:16.880Z",
"name": "https://github.com/zjp-shadow/CharacterGen.git",
"kind": "Finding",
"tags": [
"AI"
],
"created_by": "peter@endor.ai@65d5495cd71c1bffbb149eb9@api-key",
"updated_by": "scheduler@endor.ai@x509"
},
"spec": {
"platform_source": "PLATFORM_SOURCE_GITHUB",
"internal_reference_key": "https://github.com/zjp-shadow/charactergen.git",
"git": {
"http_clone_url": "https://github.com/zjp-shadow/charactergen.git",
"git_clone_url": "git@github.com:zjp-shadow/charactergen.git",
"organization": "zjp-shadow",
"path": "charactergen",
"full_name": "zjp-shadow/charactergen",
"web_url": "https://api.github.com/zjp-shadow/charactergen"
}
},
"processing_status": {
"scan_state": "SCAN_STATE_IDLE",
"scan_time": "2025-02-04T16:50:48.448Z",
"analytic_time": "2025-09-10T01:52:39.994Z",
"disable_automated_scan": true
}
}
]
}
}
Finding Definition sample response
{
"list": {
"objects": [
{
"uuid": "67a245681179666901e4dadb",
"tenant_meta": {
"namespace": "demo-trial"
},
"meta": {
"create_time": "2025-02-04T16:50:48.383Z",
"update_time": "2025-09-10T01:53:16.880Z",
"name": "https://github.com/zjp-shadow/CharacterGen.git",
"kind": "FindingDefinition",
"tags": [
"AI"
],
"created_by": "peter@endor.ai@65d5495cd71c1bffbb149eb9@api-key",
"updated_by": "scheduler@endor.ai@x509"
},
"spec": {
"platform_source": "PLATFORM_SOURCE_GITHUB",
"internal_reference_key": "https://github.com/zjp-shadow/charactergen.git",
"git": {
"http_clone_url": "https://github.com/zjp-shadow/charactergen.git",
"git_clone_url": "git@github.com:zjp-shadow/charactergen.git",
"organization": "zjp-shadow",
"path": "charactergen",
"full_name": "zjp-shadow/charactergen",
"web_url": "https://api.github.com/zjp-shadow/charactergen"
}
},
"processing_status": {
"scan_state": "SCAN_STATE_IDLE",
"scan_time": "2025-02-04T16:50:48.448Z",
"analytic_time": "2025-09-10T01:52:39.994Z",
"disable_automated_scan": true
}
}
]
}
}
Package sample response
{
"list": {
"objects": [
{
"uuid": "65b2e132bab316368cac39d1",
"tenant_meta": {
"namespace": "demo-trial"
},
"meta": {
"create_time": "2024-01-25T22:31:14.568Z",
"update_time": "2024-12-12T16:16:07.704789360Z",
"upsert_time": "2024-12-12T16:16:07.704789360Z",
"name": "mvn://org.owasp:benchmark@1.2",
"kind": "PackageVersion",
"version": "v1",
"description": null,
"parent_uuid": "65b2e132fd8b2ab542dfff99",
"parent_kind": "Package",
"tags": [],
"annotations": {},
"created_by": null,
"updated_by": "endorlabs/acme-monorepo@github-action",
"references": {},
"index_data": null
},
"spec": {
"project_uuid": "65b2e119454f82e165d2eb19",
"source_code_reference": {
"version": {
"sha": "a214551880b3176721771ef7b2df79687b03b81b",
"ref": "master",
"metadata": {}
},
"http_clone_url": "https://github.com/owasp-benchmark/benchmarkjava.git",
"platform_source": "PLATFORM_SOURCE_GITHUB"
},
"release_timestamp": "2024-12-06T00:45:18Z",
"unresolved_dependencies": [
{
"maven": {
"group_id": "javax",
"artifact_id": "javaee-api",
"version_constraints": "8.0.1",
"exclusions": "",
"scope": null,
"scope_type": "SCOPE_PROVIDED",
"optional": false,
"type": null,
"classifier": "",
"targets": []
}
}
],
"resolved_dependencies": {
"resolution_timestamp": "2024-12-12T16:16:07.548324270Z",
"dependency_graph": {
"mvn://antlr:antlr@2.7.6": [],
"mvn://asm:asm@3.1": [],
"mvn://cglib:cglib@2.2": [
"mvn://asm:asm@3.1"
]
},
"dependencies": [
{
"name": "mvn://javax:javaee-api@8.0.1",
"public": true,
"source_repository_http_clone_url": "https://github.com/javaee/glassfish.git",
"source_repository_ref": null,
"release_date": "2019-11-07T01:26:46Z",
"platform_source": "PLATFORM_SOURCE_GITHUB",
"maven_dependency_scope": "SCOPE_PROVIDED",
"pinned": true,
"abstract": false,
"targets": [],
"vendored": null,
"imported_type": "IMPORTED_TYPE_UNSPECIFIED",
"file_locations": [],
"container_layers": [],
"patched": null,
"purl": null,
"eol_timestamp": null
}
],
"dependency_files": [
{
"path": "pom.xml"
}
]
},
"resolution_errors": {
"unresolved": null,
"resolved": null,
"call_graph": null
},
"ecosystem": "ECOSYSTEM_MAVEN",
"package_name": "mvn://org.owasp:benchmark",
"language": "LANGUAGE_JAVA",
"relative_path": "pom.xml",
"code_owners": null,
"call_graph_available": null,
"internal_reference_key": null
},
"processing_status": {
"scan_state": "SCAN_STATE_IDLE",
"scan_time": "2024-12-12T16:16:07.548320573Z",
"analytic_time": null,
"queue_time": null,
"disable_automated_scan": true,
"metadata": null
},
"context": {
"type": "CONTEXT_TYPE_MAIN",
"will_be_deleted_at": null,
"id": "default",
"tags": []
}
}
],
"response": {
"next_page_token": 1,
"next_page_id": "65b2e132bab316368cac39d1"
}
}
}
Project sample response
{
"list": {
"objects": [
{
"uuid": "65b2e0f5bab316368cac3681",
"tenant_meta": {
"namespace": "demo-trial"
},
"meta": {
"create_time": "2024-01-25T22:30:13.356Z",
"update_time": "2025-09-10T02:27:34.043990957Z",
"upsert_time": null,
"name": "https://github.com/ikismail/ShoppingCart.git",
"kind": "Project",
"version": "v1",
"description": null,
"parent_uuid": null,
"parent_kind": null,
"tags": [
"CrownJewel"
],
"annotations": {},
"created_by": null,
"updated_by": "scheduler@endor.ai@x509",
"references": {},
"index_data": null
},
"spec": {
"platform_source": "PLATFORM_SOURCE_GITHUB",
"internal_reference_key": "https://github.com/ikismail/shoppingcart.git",
"git": {
"http_clone_url": "https://github.com/ikismail/shoppingcart.git",
"git_clone_url": "git@github.com:ikismail/shoppingcart.git",
"organization": "ikismail",
"path": "shoppingcart",
"full_name": "ikismail/shoppingcart",
"web_url": "https://api.github.com/ikismail/shoppingcart",
"external_installation_id": null,
"invalid_installation": null
},
"ingestion_token": null,
"toolchain_profile_uuid": null,
"scan_profile_uuid": null
},
"processing_status": {
"scan_state": "SCAN_STATE_IDLE",
"scan_time": "2024-12-12T16:15:07.053144268Z",
"analytic_time": "2025-09-10T02:27:22.582460560Z",
"queue_time": null,
"disable_automated_scan": true,
"metadata": {
"full_history_scan_time": "2024-06-10T20:16:24.451200304Z"
}
}
}
],
"response": {
"next_page_token": 1,
"next_page_id": "65b2e0f5bab316368cac3681"
}
}
}
Repository sample response
{
"list": {
"objects": [
{
"uuid": "65b2e0f5454f82e165d2e943",
"tenant_meta": {
"namespace": "demo-trial"
},
"meta": {
"create_time": "2024-01-25T22:30:13.511Z",
"update_time": "2024-12-12T16:15:07.085838151Z",
"upsert_time": "2024-01-25T22:30:13.511948010Z",
"name": "https://github.com/ikismail/shoppingcart.git",
"kind": "Repository",
"version": "v1",
"description": null,
"parent_uuid": "65b2e0f5bab316368cac3681",
"parent_kind": "Project",
"tags": [],
"annotations": {},
"created_by": null,
"updated_by": "endorlabs/acme-monorepo@github-action",
"references": {},
"index_data": null
},
"spec": {
"platform_source": "PLATFORM_SOURCE_GITHUB",
"external_id": null,
"http_clone_url": "https://github.com/ikismail/shoppingcart.git",
"owner": null,
"create_time": "2024-01-25T22:30:13.486152516Z",
"update_time": null,
"contributors": [],
"commit_hashes": [
"c992c54bde6af51f67d8cfec5cdba6cbcda19f6c"
],
"languages": null,
"tags": [],
"branch_protections": {},
"vulnerability_alerts_enabled": null,
"default_branch": "c992c54bde6af51f67d8cfec5cdba6cbcda19f6c",
"org": null,
"repository_license": null
},
"ingested_object": {
"raw": {},
"ingestion_time": "2024-01-25T22:30:13.486165816Z",
"status": "INGESTED_OBJECT_STATUS_UNSPECIFIED"
}
}
],
"response": {
"next_page_token": 1,
"next_page_id": "65b2e0f5454f82e165d2e943"
}
}
}
Changelog
The Endor Labs connector has undergone the following changes:
Table 9: Endor Labs connector changelog
| Version | Description | Date Published |
|---|---|---|
| 3.0.1 | Added the NAMESPACE attribute to the Finding and Package objects. | September 17th, 2025 |
| 3.0.0 | Initial Integration+ release. | September 12th, 2025 |