Begin Scanning a GitHub App
Authorize SaaS Security API to connect to GitHub to scan
all content shared within the app.
You can connect GitHub to SaaS Security API to scan for public exposure of repository folders or source code files to ensure your company’s proprietary information is secure.
With GitHub, you can control whether SaaS Security API scans a collection of owner accounts connected to an organization or a single owner account.
To connect GitHub to SaaS Security API and begin
scanning assets, you need to:
For information on which automated remediation capabilities SaaS Security API supports with GitHub, refer to Supported Content, Remediation and Monitoring.
Add GitHub App
In order for SaaS Security API to scan assets,
you must consent to specific permissions during the course of adding
the GitHub app.
- From the Dashboard, select Add a Cloud App, and click the GitHub icon.
- Click Connect to GitHub Account, then sign in with a GitHub account that has owner privileges.
- If your GitHub account is part of an organization, Grant SaaS Security API access to scan your organization’s repositories.
- Authorize SaaS Security API (listed as PAN ShieldArc) access to your GitHub account.
- Verify that you successfully granted Third-Party application access to SaaS Security API.
Identify Risks
When you add a new cloud app, then enable scanning,
SaaS Security API automatically scans the cloud app against the
default data patterns and displays the match occurrences. You can
take action now to improve your scan results and identify risks.
- Start scanning the new GitHub app for risks.
  - Select Settings > Cloud Apps & Scan Settings.
  - In the Cloud Apps row that corresponds to the new GitHub app, select Actions > Start Scanning.
- During the discovery phase, as SaaS Security API scans files and matches them against enabled policy rules:
  - Verify that the SaaS Security web interface displays assets.
  - Verify that your default policy rules are effective. If the results don’t capture all risks or you see false positives, proceed to the next step to improve your results.
- (Optional) Modify match criteria for existing policy rules.
- (Optional) Add new policy rules. Consider the business use of your cloud app, then identify risks unique to your enterprise. As necessary, add new:
- (Optional) Configure or edit a data pattern. You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
Fix GitHub Onboarding Issues
The most common issues related to onboarding
a GitHub app are as follows:
Symptom | Explanation | Solution |
---|---|---|
SaaS Security API web interface does not display assets that are associated with new branches. | For performance reasons, SaaS Security API only scans the default branch of the repository, not all branches of the repository. | This is expected behavior. |