Microsoft Defender for Cloud's integration with Endor Labs enhances the security of software applications by identifying and mitigating vulnerabilities in partner dependencies. This integration streamlines the discovery and remediation processes, improving overall security.
This article provides a detailed explanation of the benefits and procedures needed to connect Endor Labs to Defender for Cloud. By following the steps outlined, security teams are able to gain enhanced visibility and control over potential threats, from the initial stages of code development all the way through to runtime.
Prerequisites
You need a Microsoft Azure subscription. If you don't have an Azure subscription, you can sign up for a free subscription.
You must enable Microsoft Defender for Cloud on your Azure subscription.
You must enable Defender Cloud Security Posture Management (CSPM) on your Azure subscription.
Connect your DevOps environments to Defender for Cloud:
Have an account with Endor Labs.
Have an API key from Endor Labs with read-only permissions. We recommend setting the key's expiration date to 180 days.
You must have the appropriate role to:
- Create DevOps connectors: Security Admin or Contributor assigned at the subscription level through Azure role-based access control (RBAC).
- Create the Endor Labs connector: Security Administrator (or higher) assigned at the tenant level through Microsoft Entra. Permissions can be granted through Privileged Identity Management.
- View reachability analysis findings: Security Admin or Security Reader assigned at the subscription level through Azure role-based access control (RBAC) on the subscription that hosts the DevOps connector.
You can only have one connector to Endor Labs per tenant.
Findings from Endor Labs are only shown if the corresponding repository is also connected to Defender for Cloud.
Connect Endor Labs
To connect your Endor Labs account to Defender for Cloud:
1. Sign in to the Azure portal.
2. Navigate to Microsoft Defender for Cloud > Environment settings.
3. Select Integrations.
4. Select Add integration > Endor Labs.

   Note
   The option to add the Endor Labs integration isn't available if you don't have the appropriate permissions, or if you already have an existing connector to Endor Labs.

5. Enter an Endor Labs namespace, API key ID, and API secret.
6. Select Create.
A notice appears after the integration is successfully created. Defender for Cloud scans repositories that are connected to Endor Labs, and populates with results after six hours.