Use these steps to connect your GitHub account to Prisma
You can connect a GitHub account to Prisma SaaS to scan for public exposure of repository folders or source code files and ensure your company's proprietary information is secure. With GitHub, you can control whether Prisma SaaS scans a collection of owner accounts connected to an organization or a single owner account.
Add GitHub to Prisma SaaS.
From the Prisma SaaS
Add a Cloud App
, and click the
Connect to GitHub Account
enter your username or email address, and your password.
You must sign in with an account that has owner privileges.
Authorize Prisma SaaS access to your GitHub account.
If your GitHub account is part of an organization, you must grant Prisma SaaS access before it can begin scanning the organization's repositories.
Log in to GitHub, click your profile
icon, and select
Select the organization name, click
(now known as Prisma SaaS).
Add policy rules.
When you add a new cloud app, Prisma SaaS automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of GitHub to determine whether you need to Add a New Asset Rule to look for incidents unique to GitHub.
Start scanning GitHub for incidents.
Cloud Apps & Scan Settings
In the Cloud Apps row that corresponds to the application
instance you just added, select
Prisma SaaS scans all assets in the associated app and
begins to identify incidents. Depending on the number of users and
assets, it may take some time to complete the process. However,
as soon as you begin to see this information populating on the Prisma
SaaS dashboard, you can begin to Assess
Monitor the results of the scan.
As Prisma SaaS scans files and matches them against enabled policy rules, you can Monitor Scan Results on the Dashboard to verify that your policy rules are effective. Monitoring the progress of the scan during the discovery phase lets you Fine-Tune Policy, modifying the policy rules to ensure better results.