Begin Scanning GitHub
Authorize SaaS Security API to connect to GitHub to scan
all content shared within the app.
You can connect a GitHub to SaaS Security
API to scan for public exposure of repository folders or source
code files to ensure your company’s proprietary information is secure.
With GitHub, you can control if SaaS Security API scans a collection
of owner accounts connected to an organization or a single owner
account.
- Add GitHub to SaaS Security API.
- From theDashboard, selectAdd a Cloud App, and click theGitHubicon.
- ClickConnect to GitHub Account, then sign in with a GitHub account that has owner privileges.
- If your GitHub account is part of an organization,GrantSaaS Security API access to scan your organization’s repositories.
- AuthorizeSaaS Security API (formerly Aperture) access to your GitHub account.
- Verify that you successfully granted Third-Party application access to SaaS Security API.
- Add policy rules.When you add a new cloud app, SaaS Security API automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of GitHub to determine if you need to Add a New Asset Rule to look for incidents unique to GitHub.
- Start scanning GitHub for incidents.
- Select .
- In the Cloud Apps row that corresponds to the application instance you just added, select .SaaS Security API scans all assets in the associated app and begins to identify incidents. Depending on the number of users and assets, it may take some time to complete the process. However, as soon as you begin to see this information populating on theDashboard, you can begin to Assess Incidents.
- Monitor the results of the scan.As SaaS Security API scans files and matches them against enabled policy rules, you can Monitor Scan Results on the Dashboard to verify your policy rules are effective. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the policy rules to ensure better results.
