Enhancing Security with Access Control Checks
Aikido's checks on Access Controls offer robust security by informing you about critical access control practices. This way, you can ensure that only authorized and verified changes are made to your codebase. Some examples of checks are multi-factor authentication, restricting default access rights, and requiring mandatory code reviews.
All Access Controls checks can be found here.
Prerequisite
Only available for GitHub & GitLab connected workspaces.
Access Control Setup for GitHub
For GitLab, no extra authorisation steps need to be taken.
Step 1. In the Main Feed, filter on Access Controls. Click Authorise on GitHub to allow Aikido to scan for configurations related to access controls.
Step 2. In GitHub, grant permissions to install the Aikido GitHub Config Scanner. It is recommended to select All Repositories.
Step 3. After connecting, Aikido will scan for the checks mentioned here. After a couple of minutes, you will be able to view the results in the Aikido feed. The sidebar will give more information about which repos need configuration adjustments.