Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Configure CASB Connect for Github

CASB Connect for Github allows Security Operations Center (SOC) Admins to monitor user activity in Github, enforce DLP policies, and review threats detected by Skyhigh CASB UEBA (User and Entity Behavior Analytics) and machine learning algorithms. This topic provides information on how to configure Skyhigh CASB for Github.  

For information on activity monitoring, data loss prevention, and threat protection support on Skyhigh CASB for Github, see About Skyhigh CASB for Github.  

Prerequisites

Before you enable API for Github, the following prerequisites are required:

  • Enable the feature by reaching out to your Sales Representative to get the tenant ID administrator login credentials.
  • Get the admin credentials for Github hosted on the cloud.  
  • Get a list of Github organizations to be monitored.  
  • Make sure that the admin has the owner role in the organizations to be monitored.
  • If GitHub is enabled with IP address restriction, you must whitelist the Skyhigh IP addresses to receive GitHub events. To whitelist the Skyhigh IP addresses, contact Skyhigh Support.

Enable Github API in Skyhigh CASB

  1. Log in to Skyhigh CASB with your tenant and go to Settings > Service Management.
  2. Click Add Service Instance, select GitHub.
  3. Enter a name for the instance and click Done.
  4. Select the Github instance you created.
  5. Go to the Setup tab and under API, click Enable.
    clipboard_eeb6c438fbcfa72b4999cc3da2b4fe768.png
  6. On the Enable API page, click Provide API Credentials.
  7. Enter your Github credentials in the email and password. Click Submit.
  8. You are redirected to Authorize Skyhigh CASB For Github page. The following permissions are required for Github:
    • Organization webhooks. Required Read and Write permission.
    • Organization and teams. Required Read-Only permission.
    • Repositories. MVISION Github requires Read permission only. But Github doesn't provide any granular level permission for Read-Only, so it is set to Read and Write. For more details, refer to Github documentation and see Scopes for OAuth Apps.
      1.png
  9. Click Authorize instance.

Once these permissions are authorized, Skyhigh CASB receives Github events.

Validate Skyhigh CASB Authorization in Github

  1. Log in to the Github console.
  2. Under Authorized OAuth Apps, you can view the Github enabled for Skyhigh CASB application.
    2.png
  3. Click Skyhigh CASB For Github to view the permissions and Organization access.
    w3.png

Add GitHub Organizations

To add GitHub organizations for monitoring, perform the following:  

  1. Disable API access for GitHub in Skyhigh CASB. 
  2. Go to GitHub user Settings > Applications > Authorized OAuth application and revoke the Skyhigh CASB application.  
  3. Enable API access and grant permissions for additional organizations.  
  • Was this article helpful?