The customer is a leading CASB (Cloud Access Security Broker) monitoring solution provider.
The client required a certified GitHub app that scans IaC (Infrastructure as Code) templates against the security policies defined in the platform whenever a pull request is raised.
Sacumen developed the certified GitHub app, which scans the IaC templates whenever a pull request is raised. Its purpose is to identify insecure configurations in common Infrastructure-as-Code (IaC) templates, for example AWS CloudFormation templates, Terraform templates, and Kubernetes app deployment YAML files.
The user needs to configure a webhook in GitHub to send the event payload when a pull request is triggered.
The app was written in Java and hosted as a web app to process the pull request webhook events sent by GitHub. The app made the required API calls to GitHub to fetch the repo and template details, and made REST API calls to the platform for a full repo scan.
The user can configure the criteria that define whether the merge is allowed for the pull request.
Scan results are displayed to the user. Issues were created with scan results based on customer-defined criteria.