Overview
About
GitHub is a code hosting platform for version control and collaboration. It lets you and others work together on projects from anywhere. When integrated with your Vulcan Platform, you can review code-projects, while leveraging the power of Vulcan Cyber discoverability and automation.
Why integrate Github into the Vulcan platform?
The GitHub Connector by Vulcan integrates with the GitHub platform to pull and ingest assets type Code Project into your Vulcan Platform. Once the integration is complete, the Vulcan Platform scans the report's findings to correlate, consolidate, and contextualize the ingested data to impact risk and remediation priority.
GitHub Connector Details
Supported products | GitHub |
Category | Cloud |
Ingested asset type(s) | Application Security |
Integration type | UNI directional (data is transferred from the Connector to the Vulcan Platform in one direction) |
Supported version and type | SaaS (latest) |
Connector Setup
Prerequisites and user permissions
To configure the Connector, you need to perform the following first:
Generate API Personal Access Token from GitHub with the following configurations and access scopes:
Repo: all
read:packages
read:org
read:public_key
read:repo_hook
read:user
user:email
Configuring the GitHub Connector
Log in to your Vulcan Cyber dashboard and go to Connectors.
Click on Add a Connector.
Click on the GitHub icon.
Set up the Connector as follows:
Enter the API Key as generated from your GitHub
For Organizations, click Load Organization and select the relevant organizations to pull assets from.
Click the Test Connectivity button to verify that Vulcan Cyber can connect to your GitHub instance, then click Create (or Save Changes).
Allow some time for the sync to complete. You can review the sync status under Log.
To confirm the sync is complete, navigate to the Connectors tab to check the sync status. Once the GitHub icon shows Connected, the connection is complete.
GitHub in the Vulcan Platform
Viewing GitHub assets in the Vulcan Platform
To view assets by Connector/Source:
Go to the Assets page.
Click on the relevant asset type tab.
Use the Search or filter input box to select Connector from the drop-down selection.
Select GitHub from the Asset source/Connector list to filter results and view all synced assets.
See the complete list of available asset filters per asset type
From GitHub to the Vulcan Platform - Data Mapping
The Vulcan Platform integrates with GitHub through API to pull relevant asset data and map it into the Vulcan Platform pages and fields.
Code Project Fields Mapping
GitHub field | Vulcan field | Value Example |
Repository Name | Asset Name | - |
Code Project | Asset Type | - |
Dependency | Asset Library > Name | qs, morgan, debug |
|
|
|
Version | Asset codebase > Version | 1.6.1 |
About | Asset details | - |
Tags | Asset Tags | - |