Begin Scanning GitHub

Authorize SaaS Security API to connect to GitHub to scan all content shared within the app.
You can connect a GitHub to SaaS Security API to scan for public exposure of repository folders or source code files to ensure your company’s proprietary information is secure. With GitHub, you can control if SaaS Security API scans a collection of owner accounts connected to an organization or a single owner account.
  1. Add GitHub to SaaS Security API.
    1. From the
      Dashboard
      , select
      Add a Cloud App
      , and click the
      GitHub
      icon.
    2. Click
      Connect to GitHub Account
      , then sign in with a GitHub account that has owner privileges.
    3. If your GitHub account is part of an organization,
      Grant
      SaaS Security API access to scan your organization’s repositories.
    4. Authorize
      SaaS Security API (formerly Aperture) access to your GitHub account.
    5. Verify that you successfully granted Third-Party application access to SaaS Security API.
  2. Add policy rules.
    When you add a new cloud app, SaaS Security API automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of GitHub to determine if you need to Add a New Asset Rule to look for incidents unique to GitHub.
  3. Start scanning GitHub for incidents.
    1. Select
      Settings
      Cloud Apps & Scan Settings
      .
    2. In the Cloud Apps row that corresponds to the application instance you just added, select
      Actions
      Start Scanning
      .
      SaaS Security API scans all assets in the associated app and begins to identify incidents. Depending on the number of users and assets, it may take some time to complete the process. However, as soon as you begin to see this information populating on the
      Dashboard
      , you can begin to Assess Incidents.
  4. Monitor the results of the scan.
    As SaaS Security API scans files and matches them against enabled policy rules, you can Monitor Scan Results on the Dashboard to verify your policy rules are effective. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the policy rules to ensure better results.

Recommended For You