The customer is a leading CASB (Cloud Access Security Broker) monitoring solution provider.


The client requested the development of a certified Bitbucket (BB) app (for the Cloud edition) that would scan IaC (Infrastructure as Code) templates against the security policies defined in the platform whenever a pull request is raised.

Technology Solution

Sacumen developed the certified BB app (for the Cloud edition) that scans the IaC templates whenever a pull request is raised. The purpose is to identify insecure configurations in common Infrastructure-as-Code (IaC) templates, for example AWS CloudFormation templates, Terraform templates and Kubernetes application deployment YAML files.

The app was written in Java and hosted as a web app that processes the pull-request webhook events sent by BB. A JSON descriptor file is provided to BB Cloud to render the app's configuration page. The user configures the webhook in BB so that the event payload is sent whenever a pull request is raised or updated.

On each event, the app made the required API calls to BB Cloud to fetch the full repository contents, then made REST API calls to the platform to scan the whole repository.

The user can configure the criteria that decide whether or not the pull request is allowed to be merged.

Scan results are displayed to the user, and issues are created from the scan results according to the customer-defined criteria.
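The end-to-end flow described above (pull-request webhook event, scan of the fetched templates, merge decision against user-configured criteria) as an added illustration in Python. This is not Sacumen's Java app or the customer platform's code: the policy checks, the severity scale, the `block_on` criteria format and the sample payload and templates are all constructed here; the payload is modelled on the shape of a Bitbucket Cloud `pullrequest:created` event, and the repository fetch is replaced by an in-memory dictionary of files.

```python
"""Webhook -> IaC scan -> merge gate, as a self-contained illustration.

Assumptions (not from the original page): the checks below, the severity
names HIGH/MEDIUM/LOW, the criteria format {"block_on": [...]}, and the
sample event and templates are all constructed for this example.
"""
import json
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Finding:
    template: str   # path of the template the finding came from
    resource: str   # resource or container name inside the template
    severity: str   # assumed scale: HIGH / MEDIUM / LOW
    message: str


# --- 1. Webhook handling: accept only pull-request events ----------------
def parse_pr_event(headers: Dict[str, str], body: bytes) -> Optional[dict]:
    """Return {repo, pr_id, commit} for PR created/updated events, else None."""
    if headers.get("X-Event-Key") not in ("pullrequest:created", "pullrequest:updated"):
        return None
    payload = json.loads(body)
    pr = payload["pullrequest"]
    return {
        "repo": payload["repository"]["full_name"],
        "pr_id": pr["id"],
        "commit": pr["source"]["commit"]["hash"],
    }


# --- 2. Policy checks over IaC templates (JSON-encoded for this example) --
def check_cloudformation(path: str, doc: dict) -> List[Finding]:
    findings = []
    for name, res in doc.get("Resources", {}).items():
        if res.get("Type") != "AWS::S3::Bucket":
            continue
        props = res.get("Properties", {})
        if props.get("AccessControl") in ("PublicRead", "PublicReadWrite"):
            findings.append(Finding(path, name, "HIGH", "S3 bucket ACL grants public access"))
        if "BucketEncryption" not in props:
            findings.append(Finding(path, name, "MEDIUM", "S3 bucket has no encryption configuration"))
    return findings


def check_kubernetes(path: str, doc: dict) -> List[Finding]:
    findings = []
    pod_spec = doc.get("spec", {}).get("template", {}).get("spec", {})
    for c in pod_spec.get("containers", []):
        sc = c.get("securityContext", {})
        if sc.get("privileged"):
            findings.append(Finding(path, c["name"], "HIGH", "container runs privileged"))
        if sc.get("runAsNonRoot") is not True:
            findings.append(Finding(path, c["name"], "LOW", "runAsNonRoot is not enforced"))
    return findings


def scan_repo(files: Dict[str, str]) -> List[Finding]:
    """Dispatch each fetched template to a checker based on its content."""
    findings: List[Finding] = []
    for path, text in files.items():
        doc = json.loads(text)
        if "AWSTemplateFormatVersion" in doc or "Resources" in doc:
            findings += check_cloudformation(path, doc)
        elif doc.get("kind") == "Deployment":
            findings += check_kubernetes(path, doc)
    return findings


# --- 3. User-configured merge criteria -----------------------------------
def merge_allowed(findings: List[Finding], criteria: dict) -> bool:
    """Block the merge if any finding has a severity listed in block_on."""
    blocked = set(criteria.get("block_on", []))
    return not any(f.severity in blocked for f in findings)


def run_pipeline(headers, body, files, criteria) -> Optional[dict]:
    event = parse_pr_event(headers, body)
    if event is None:
        return None  # not a pull-request event; nothing to scan
    findings = scan_repo(files)
    return {"event": event, "findings": findings,
            "merge_allowed": merge_allowed(findings, criteria)}


# --- Constructed sample input (stands in for the webhook and repo fetch) --
SAMPLE_HEADERS = {"X-Event-Key": "pullrequest:created"}
SAMPLE_BODY = json.dumps({
    "repository": {"full_name": "example-workspace/example-repo"},
    "pullrequest": {"id": 7, "source": {"commit": {"hash": "0123abcd"}}},
}).encode()
SAMPLE_FILES = {
    "infra/bucket.json": json.dumps({"AWSTemplateFormatVersion": "2010-09-09", "Resources": {
        "Logs": {"Type": "AWS::S3::Bucket", "Properties": {"AccessControl": "PublicRead"}}}}),
    "k8s/deploy.json": json.dumps({"kind": "Deployment", "spec": {"template": {"spec": {"containers": [
        {"name": "agent", "securityContext": {"privileged": True}},
        {"name": "web", "securityContext": {"runAsNonRoot": True}}]}}}}),
}

if __name__ == "__main__":
    result = run_pipeline(SAMPLE_HEADERS, SAMPLE_BODY, SAMPLE_FILES, {"block_on": ["HIGH"]})
    for f in result["findings"]:
        print(f"{f.severity:6} {f.template}:{f.resource} - {f.message}")
    print("merge allowed:", result["merge_allowed"])
```

In a real deployment the `files` dictionary would be filled from the repository contents fetched through the Bitbucket Cloud API, and the checks would be replaced by the platform's own policy scan; the gate itself stays the same: a finding whose severity matches the user's criteria blocks the merge.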

