Authorize SaaS Security API to connect to GitHub to scan
all content shared within the app.
You can connect a GitHub to SaaS Security
API to scan for public exposure of repository folders or source
code files to ensure your company’s proprietary information is secure.
With GitHub, you can control if SaaS Security API scans a collection
of owner accounts connected to an organization or a single owner
Add GitHub to SaaS Security API.
Add a Cloud App
, and click the
Connect to GitHub Account
then sign in with a GitHub account that has owner privileges.
If your GitHub account is part of an organization,
Security API access to scan your organization’s repositories.
SaaS Security API
(formerly Aperture) access to your GitHub account.
Verify that you successfully granted Third-Party application
access to SaaS Security API.
Add policy rules.
When you add a new cloud app, SaaS Security API automatically
scans the app against the default data patterns and displays the
match occurrences. As a best practice, consider the business use
of GitHub to determine if you need to Add a New Asset Rule to
look for incidents unique to GitHub.
Start scanning GitHub for incidents.
Cloud Apps & Scan Settings
In the Cloud Apps row that corresponds to the application
instance you just added, select
SaaS Security API scans all assets in the associated app
and begins to identify incidents. Depending on the number of users
and assets, it may take some time to complete the process. However,
as soon as you begin to see this information populating on the
As SaaS Security API scans files and matches them against
enabled policy rules, you can Monitor
Scan Results on the Dashboard to verify your policy rules
are effective. Monitoring the progress of the scan during the discovery
phase allows you to Fine-Tune
Policy to modify the policy rules to ensure better results.