
Getting Started with Resmo GitHub Integration

A lot of development teams use GitHub, and it is a critical workflow asset for modern software development. But what if your GitHub environment isn't fully protected against security violations? GitHub ships with many repository settings and tools to avert data leaks and breaches, but security incidents can still occur.

According to a 2019 study that analyzed public GitHub repositories, a total of 575,456 instances of sensitive data were found, including IDs, access tokens, API keys, OAuth IDs, private keys, and AWS access key IDs.

This is where Resmo steps in - to keep your development environment secure without blind spots. The Resmo+GitHub integration makes it easier than ever to view and query your GitHub resources and to set up rules and notifications for a consistent security posture.

Why you need cyber asset visibility for GitHub 

Product security has traditionally been based on checklist activities, manual review of findings, and correction of issues. Although this has worked for many organizations, it is not as effective as it could be because security teams can only focus on a limited number of systems. DevOps practices and cloud-based platforms are replacing traditional systems, significantly increasing the number of software products being used by organizations.

These new systems are more complex (they have a greater attack surface), are developed faster and continuously, require ongoing operations, and depend on external services that also need to be secured (GitHub, for example). Resmo cuts down the effort and time needed to manually check the security and compliance of your cloud and cloud-based assets by collecting them all on a single platform and automating the checks.

And why is continuity essential for your organization's data protection?

"I think continuous testing is really important because adversary behaviors change frequently, our profiles and organizations change frequently and more importantly, even than the changes they bring and the changes in the playbooks we face is ultimately the controls and their effectiveness are easy to lose track of. And so when I think about testing constantly, it is because I want to know more up to the minute than up to the month how our controls are performing." Justin Berman, CISO at Zenefits

All-in-one for your GitHub security posture

The GitHub integration with Resmo supports the security and compliance of your GitHub environments by providing detailed insights and alerting you whenever a potential threat violates your set of rules. With Resmo, you can:

  • Monitor your GitHub assets in one place.
  • Visualize and query your GitHub repositories, users, issues, organization members, and more.
  • Monitor the changes to and permissions of your organization and teams. 
  • Check your GitHub environment security and compliance posture with Best Practices packs.
  • Set up rules and rule notifications based on your GitHub configurations.
  • Cross-query and monitor your GitHub deployments with other tools like AWS EC2 and identify their relations.

How It Works

Resmo has an official GitHub application that makes it easy to integrate and start securing your GitHub repositories and environments. You can install the application once you sign up for Resmo. The application first polls the GitHub API to obtain your existing resources. After that, it collects changes and configuration updates in real time through webhooks.

The integration fundamentally operates through:

  • API polling
  • Webhooks

Once you complete the integration, you can start running queries, monitoring your resources, and setting up rules and notifications so that you are alerted on any change that might pose a threat to your organization's security.

Learn how to integrate Resmo with GitHub step-by-step.

Resources

Resmo provides a quick and efficient way to query data using SQL, search, and view your resources so that you can save time and keep your assets safe and compliant. Resources available for GitHub include:

  • Deploy Key
  • Deployment
  • Deployment Environment
  • Issue
  • Organization
  • Organization Blocked User
  • Organization Invitation
  • Organization Member
  • Pull Request
  • Repository
  • Team
  • Team Member

You can see the updated GitHub resources list here.

Common queries and rules for GitHub users

  • Check whether your organization requires two-factor authentication (2FA) for its members.
    Related query in Resmo:
    SELECT id, name, twoFactorRequirementEnabled FROM github_org WHERE twoFactorRequirementEnabled = false
  • See pull requests managed by a developer in the last five days.
  • Monitor open issues labeled bug or security that have been open for more than two days.
    Related query in Resmo:
    SELECT g.title, lbl.name, g.createdAt, DATE_DIFF(day, FROM_UNIXTIME(g.createdAt/1000), UTCNOW()) AS since FROM github_issue g, g.labels AS lbl WHERE (lbl.name = 'bug' OR lbl.name = 'security') AND DATE_DIFF(day, FROM_UNIXTIME(g.createdAt/1000), UTCNOW()) > 2
  • Control and ensure your organization's repository permissions.
  • List pull requests merged without any review or comment.
  • Check organization permissions and ensure that you restrict admin rights.
    Related query in Resmo:
    SELECT id, name, defaultRepositoryPermission FROM github_org WHERE defaultRepositoryPermission != 'admin'
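The same rule logic as the queries above, written in Python over constructed github_org- and github_issue-shaped records so you can see what each check returns and how the millisecond createdAt conversion works. This is an added example, not Resmo's code; the field names come from the queries above, the record values are made up, and the admin check here returns the non-compliant orgs (the page's query selects the complement).

```python
from datetime import datetime, timedelta, timezone

# Fixed "now" so the constructed sample is reproducible (a live check would use datetime.now(timezone.utc)).
NOW = datetime(2022, 6, 10, tzinfo=timezone.utc)

def days_ago_ms(days):
    """Epoch milliseconds for `days` before NOW; createdAt in the Resmo query is in milliseconds."""
    return int((NOW - timedelta(days=days)).timestamp() * 1000)

def ms_to_datetime(ms):
    """Same conversion as FROM_UNIXTIME(createdAt/1000) in the issue query."""
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)

# Constructed records shaped like the github_org and github_issue columns used above; all values are made up.
ORGS = [
    {"id": 1, "name": "acme-prod", "twoFactorRequirementEnabled": True, "defaultRepositoryPermission": "read"},
    {"id": 2, "name": "acme-labs", "twoFactorRequirementEnabled": False, "defaultRepositoryPermission": "admin"},
    {"id": 3, "name": "acme-oss", "twoFactorRequirementEnabled": False, "defaultRepositoryPermission": "write"},
]
ISSUES = [
    {"title": "Token logged in debug output", "createdAt": days_ago_ms(5),
     "labels": [{"name": "security"}, {"name": "bug"}]},
    {"title": "Crash on empty input", "createdAt": days_ago_ms(2), "labels": [{"name": "bug"}]},
    {"title": "Typo in README", "createdAt": days_ago_ms(3), "labels": [{"name": "docs"}]},
]

def orgs_without_2fa_requirement(orgs):
    """Mirrors WHERE twoFactorRequirementEnabled = false: orgs that do not enforce 2FA."""
    return [o["name"] for o in orgs if not o["twoFactorRequirementEnabled"]]

def orgs_with_admin_default(orgs):
    """Orgs whose default repository permission hands every member admin rights.
    The page's query selects the complement (!= 'admin'), i.e. the compliant orgs."""
    return [o["name"] for o in orgs if o["defaultRepositoryPermission"] == "admin"]

def stale_tagged_issues(issues, now=NOW, min_days=2, tags=("bug", "security")):
    """Mirrors the github_issue query: unnest labels and keep bug/security rows older than min_days.
    One row per matching label, like the join on g.labels; an issue exactly min_days old is excluded (> not >=)."""
    rows = []
    for issue in issues:
        age_days = (now - ms_to_datetime(issue["createdAt"])).days
        for lbl in issue["labels"]:
            if lbl["name"] in tags and age_days > min_days:
                rows.append((issue["title"], lbl["name"], age_days))
    return rows

if __name__ == "__main__":
    print("orgs not requiring 2FA:", orgs_without_2fa_requirement(ORGS))
    print("orgs with admin default permission:", orgs_with_admin_default(ORGS))
    print("stale bug/security issues:", stale_tagged_issues(ISSUES))
```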

Continuous insights into your day-to-day workflows

Bringing development into the cloud is a necessity these days. It allows your teams to work safely on a version of the code in production, no matter where they are or how they access it. In this sense, GitHub and Resmo are built around a similar problem-solution frame: 

To be safer, meet compliance requirements, avoid potential violations and demonstrate good governance of your code. Our integration benefits you in multiple ways. But most importantly – it allows you to focus on shipping features, fixing bugs, and ensuring your product is the best it can be without worrying about potential risks!

You get visibility into what changes are taking place and when they're taking place, even if they're happening to branches that you're not looking at. This affords you the chance to set permissions more effectively and take action early on if any changes are detected that look suspicious.

Ready to set up your entire team on a secure footing? Request a demo today. 
