Customer is a leading CASB (Cloud Access Security Broker) Monitoring solution provider.


Client requested for the development of a GitLab extension that would scan IaC (Infrastructure as code) templates against the security policies defined in the platform when one raises a Pull request

Technology Solution

Sacumen developed the GitLab extension that scan the IaC templates whenever a Pull request was raised. Purpose is to identify the insecure configurations in common Infrastructure-as-Code (IaC) templates – for example, AWS Cloud Formation Templates, Terraform templates, Kubernetes App Deployment YAML files

User needs to set environment variables in their GitLab project settings. It includes details such as app url, access key, secret key, failure conditions etc. User needs to configure the webhook in GitLab to send the events payload on trigger of Pull request.

The app was written in Java language and hosted as web app to process Webhook events sent by GitLab related to Pull request

App made required API calls to GitLab to fetch the repo and environment variables. App made REST API calls to the platform for full repo scan

User has ability to configure the criteria that defines whether or not allow the merge for the pull request

Scan results are displayed to User. Issues were created with scan results based on customer defined criteria

Do you need free Consultation for your security product integration?

    There are no reviews yet.

    Be the first to review “GitLab Extension for leading CASB product”