The customer is a leading CASB (Cloud Access Security Broker) monitoring solution provider.


The client required a certified GitHub app that scans IaC (Infrastructure as Code) templates against the security policies defined in the platform whenever a pull request is raised.

 Technology Solution

  • Sacumen developed the certified GitHub app, which scans IaC templates whenever a pull request is raised. Its purpose is to identify insecure configurations in common Infrastructure-as-Code (IaC) templates, for example AWS CloudFormation templates, Terraform templates, and Kubernetes app deployment YAML files.
  • The user configures a webhook in GitHub to send the event payload when a pull request is triggered.
  • The app was written in Java and hosted as a web app to process the pull request webhook events sent by GitHub. It made the required API calls to GitHub to fetch the repo and template details, and REST API calls to the platform for a full repo scan.
  • The user can configure the criteria that determine whether the pull request is allowed to merge.
  • Scan results are displayed to the user. Issues were created with the scan results based on customer-defined criteria.
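
A web app that accepts pull request webhooks, as described above, should authenticate each delivery before it fetches anything or starts a scan. The following is an added example, not Sacumen's code: it checks GitHub's `X-Hub-Signature-256` header against the raw body and then decides whether the pull request touches files worth scanning. The class name, the extension filter, the secret and the sample payload are assumptions constructed for illustration (requires Java 17 for `HexFormat`).

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.HexFormat;
import java.util.List;

public class PullRequestWebhookGate {
    // GitHub signs the raw request body with HMAC-SHA256 using the webhook
    // secret and sends "sha256=<hex>" in the X-Hub-Signature-256 header.
    static byte[] hmac(String secret, byte[] rawBody) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        return mac.doFinal(rawBody);
    }

    static boolean signatureValid(String secret, byte[] rawBody, String header)
            throws GeneralSecurityException {
        if (header == null || !header.startsWith("sha256=")) return false;
        try {
            byte[] received = HexFormat.of().parseHex(header.substring(7));
            return MessageDigest.isEqual(hmac(secret, rawBody), received); // constant-time
        } catch (IllegalArgumentException malformedHex) {
            return false;
        }
    }

    // Hypothetical extension filter for Terraform, CloudFormation and Kubernetes files.
    static boolean looksLikeIac(String path) {
        String p = path.toLowerCase();
        return p.endsWith(".tf") || p.endsWith(".yaml") || p.endsWith(".yml")
                || p.endsWith(".json") || p.endsWith(".template");
    }

    // Scan only authenticated pull_request events that change at least one IaC file.
    static boolean shouldScan(String eventHeader, boolean sigOk, List<String> changedFiles) {
        return sigOk && "pull_request".equals(eventHeader)
                && changedFiles.stream().anyMatch(PullRequestWebhookGate::looksLikeIac);
    }

    public static void main(String[] args) throws Exception {
        String secret = "constructed-webhook-secret";          // constructed sample
        byte[] body = "{\"action\":\"opened\"}".getBytes(StandardCharsets.UTF_8);
        String good = "sha256=" + HexFormat.of().formatHex(hmac(secret, body));
        List<String> files = List.of("infra/main.tf", "README.md"); // constructed sample
        System.out.println(shouldScan("pull_request", signatureValid(secret, body, good), files));
        System.out.println(shouldScan("pull_request", signatureValid(secret, body, "sha256=00"), files));
    }
}
```

The signature must be computed over the exact bytes received, before any JSON parsing or re-serialization, otherwise valid deliveries will fail the check.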