SaaS Security
Onboard a Cody App to SSPM
Table of Contents
Expand All
|
Collapse All
SaaS Security Docs
Onboard a Cody App to SSPM
Learn how you can manually provide SSPM with the configuration values for a Cody
instance.
Where Can I Use This? | What Do I Need? |
---|---|
|
Or any of the following licenses that include the Data Security license:
|
The onboarding process for Cody is different from most applications,
because SSPM does not support scans for Cody. During the onboarding process for most
applications, SSPM establishes a connection to your application instance by using
credentials that you provide, such as a login password or an access token. After
SSPM has established this connection, SSPM can scan your application instance's
settings by using an API provided by the application or by using data extraction
techniques.
Although SSPM does not support scans for Cody, you can still onboard a Cody
application to SSPM. However, when you onboard a Cody application to SSPM, you don’t
supply SSPM with any authentication credentials. SSPM does not establish a
connection to your Cody instance and does not run scans to determine the Cody
settings. Instead, you will manually enter your Cody instance's settings, which SSPM
will compare against its recommended settings. You can think of this process as a
virtual onboarding. SSPM creates a tile on the Applications page to represent your
Cody instance, but this tile is isolated to SSPM. SSPM will show rule violations for
the Cody instance, but SSPM determines the violations based entirely on the
information that you manually enter. If you change the value of a setting in your
application instance, you must also manually update the setting value in SSPM. If
you don’t keep the setting values synchronized, the rule violations that SSPM
displays will be unreliable.
To onboard a Cody instance, you complete the following steps:
- Log in to Sourcegraph Cloud as an administrator.Logging in will enable you to view the current values of the configuration settings, and, if necessary, update the settings to our recommended values.Log in to Strata Cloud Manager.Select ManageConfigurationSaaS SecurityPosture SecurityApplicationsAdd Application and click the Cody tile.On the Posture Security tab, Add New instance.SSPM displays the onboarding page, which lists the Cody configuration settings and our recommended configuration values.From your Cody instance, identify the configuration values, and provide these configuration values to SSPM.To avoid triggering rule violations in SSPM, you can update the values in Cody to match our recommended values.You can enter the configuration values in the fields provided, or upload a comma-separated values (CSV) file that contains the configuration values. To simplify the process of creating the CSV file, you can download a CSV template file from SSPM. To upload a CSV file, complete the following steps:
- Select Upload Security Setting Values and then Download Template.Open the CSV template file in a spreadsheet application such as Microsoft Excel or Google Sheets.Enter the configuration values into the CSV template file, and save your changes.Upload your edited CSV file to SSPM, and Save. You can either drag and drop the file into the File Upload area or you can Browse to locate the file.Connect with Cody.SSPM adds a tile on the Applications page to represent your Cody instance. Based on the values that you entered, SSPM will determine if your Cody instance has any rule violations.Because SSPM is not scanning your Cody instance, you must ensure that the information that SSPM has about your Cody instance remains accurate. If you change a setting value in Cody, manually update that value in SSPM. To do this, complete the following steps:
- Navigate to the Applications page (SSPMApplications).Locate the Cody instance's tile and View Details.Edit Current Value of the setting.