Next Generation API Data Protection for GitHub
Next Generation API Data Protection for GitHub
Using API Data Protection involves first configuring the API connection for your GitHub app, and then creating API Data Protection policies that scan for policy violations.
To use the Next Generation API Data Protection for GitHub, first you need to install Netskope GitHub app and configure the API connection to your GitHub organization. The following sections explain how to install Netskope GitHub app and how to configure the connection.
Why you should move to Next Generation API Data Protection?
-
Dramatically simplified policy definition and management: Multi-app/all app policies and multiple DLP profiles in a single policy.
-
Ability to define threat protection policies.
-
Unified inventory page, for threat hunting and forensic analysis.
-
Ultra-low time to detect and remediate to non-compliant activities.
Capability Differences Between Classic & Next Generation API Data Protection
Here is a list of feature parity for GitHub between classic and Next Generation API Data Protection.
Feature | Sub-category | Classic | Next Generation |
---|---|---|---|
Instance selection | - | Yes | Yes (multiple) |
User selection | Target all users | Yes | Yes |
Set of user profiles | Yes | Yes | |
Subset of users | No | Yes | |
Subset of user Profiles | Yes | Yes | |
File Sharing | Share content externally (specific sharing options) | Yes (make repository public) | No |
Add external users to organization/repository | Yes | No | |
File type to scan | All file type | No | Yes |
Specific file type | No | Yes | |
DLP | DLP profile | Yes | Yes (multiple) |
DLP incident | No | Yes | |
Manual remediation action (restrict access) from Incidents page | No | Yes | |
Retroactive scan | - | No | Yes |
Threat protection | Threat protection feature in instance configuration | No | Yes |
Threat protection profile selection | No | Yes | |
Inventory | Inventory dashboard | Yes | Yes (with unified Inventory page) |
Inventory details panel (repository, users, file) | Yes | Yes | |
Manual actions for remediation (restrict to internal collaborators) | No | Yes | |
Action | Alert | Yes | Yes |
Restrict access internal users | No | Yes | |
Notifications | Email notifications | Yes | No |
Detection & Remediation | MTTD & MTTR (Mean time to detect/resolve) | Fast | Ultra-fast |