
Begin Scanning a GitHub App

Authorize Data Security to connect to GitHub to scan all content shared within the app.

You can connect GitHub to Data Security to scan for public exposure of repository folders or source code files to ensure your company’s proprietary information is secure. With GitHub, you can control whether Data Security scans a collection of owner accounts connected to an organization or a single owner account.

To connect GitHub to Data Security and begin scanning assets, you need to:

Support for automated remediation capabilities varies by SaaS application.

Add GitHub App

For Data Security to scan assets, you must consent to specific permissions when adding the GitHub app.
  1. To add the GitHub app, select Data Security > Applications > Add Application > GitHub.
  2. Click Connect to GitHub Account, then sign in with a GitHub account that has Owner privileges.
  3. Choose which repositories you want Data Security to scan:
    • (Recommended) If your GitHub account is part of an organization, Grant Data Security Organization access to scan your organization’s current and future repositories.
    • Selectively choose which repositories you want Data Security to scan.
  4. Authorize Data Security (listed as PAN ShieldArc) access to your GitHub account.
  5. Verify that you successfully granted Third-Party application access policy to Data Security.

Identify Risks

When you add a new cloud app and then enable scanning, Data Security automatically scans the cloud app against the default data patterns and displays the match occurrences. You can take action now to improve your scan results and identify risks.
  1. To start scanning the new GitHub app for risks, select Data Security > Applications > GitHub > Enable Scanning.
  2. During the discovery phase, as Data Security scans files and matches them against enabled policy rules:
    • Verify that the SaaS Security web interface displays assets.
    • Verify that your default policy rules are effective. If the results don’t capture all the risks or you see false positives, proceed to the next step to improve your results.
  3. (Optional) Modify match criteria for existing policy rules.
  4. (Optional) Add new policy rules.
    Consider the business use of your cloud app, then identify risks unique to your enterprise. As necessary, add new:
  5. (Optional) Configure or edit a data pattern.
    You can configure data patterns to identify specific strings of text, characters, words, or patterns so that you can find all instances of text that match a data pattern you specify.

Fix GitHub Onboarding Issues

The most common issues related to onboarding a GitHub app are as follows:

Symptom: Data Security web interface does not display assets that are associated with new branches.
Explanation: For performance reasons, Data Security only scans the default branch of the repository, not all branches of the repository.
Solution: This is expected behavior.

Symptom: Data Security web interface does not display assets for a newly created repository.
Explanation: You likely did not grant Organization access as outlined in Add GitHub App.
Solution: Reauthenticate and authorize access to the new repository or grant Organization access.
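
The two symptoms above are both coverage gaps: repositories outside the granted selection, and branches other than the default one. The following added example (not part of the original page or the vendor's product) shows one way to list those gaps ahead of time. It assumes inputs shaped like GitHub REST API responses (`repository_selection`, `full_name`, `default_branch`, branch `name`); the function name `coverage_gaps` and all repository data are constructed for illustration.

```python
"""List repositories and branches that fall outside scan coverage (added example)."""

def coverage_gaps(installation, org_repos, granted_repos, branches_by_repo):
    """Return (repos not granted to the app, {repo: non-default branches}).

    installation     -- app installation object; 'repository_selection' is 'all' or 'selected'
    org_repos        -- every repository in the organization
    granted_repos    -- repositories the app installation can access
    branches_by_repo -- {full_name: [branch objects]}
    """
    all_access = installation["repository_selection"] == "all"
    granted = {r["full_name"] for r in granted_repos}
    unscanned_repos, unscanned_branches = [], {}
    for repo in org_repos:
        name = repo["full_name"]
        if not all_access and name not in granted:
            # Not granted: nothing in this repository is scanned at all.
            unscanned_repos.append(name)
            continue
        # Granted, but only the default branch is scanned (per the table above).
        extra = sorted(b["name"] for b in branches_by_repo.get(name, [])
                       if b["name"] != repo["default_branch"])
        if extra:
            unscanned_branches[name] = extra
    return sorted(unscanned_repos), unscanned_branches

# Constructed sample data (hypothetical organization "acme").
ORG_REPOS = [
    {"full_name": "acme/payments", "default_branch": "main"},
    {"full_name": "acme/infra", "default_branch": "master"},
    {"full_name": "acme/new-service", "default_branch": "main"},  # created after onboarding
]
GRANTED = [{"full_name": "acme/payments"}, {"full_name": "acme/infra"}]
BRANCHES = {
    "acme/payments": [{"name": "main"}, {"name": "release/1.2"}, {"name": "feature/tokens"}],
    "acme/infra": [{"name": "master"}],
    "acme/new-service": [{"name": "main"}, {"name": "dev"}],
}

if __name__ == "__main__":
    repos, branches = coverage_gaps({"repository_selection": "selected"},
                                    ORG_REPOS, GRANTED, BRANCHES)
    print("Repositories not granted to the app:", repos)
    for repo, names in branches.items():
        print(f"{repo}: branches not scanned: {', '.join(names)}")
```

With Organization access (`repository_selection` of `all`), the first list is empty and only the non-default branches remain as a gap.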
