Connecting GitHub Issues to Drata allows for the automated checks and evidence collection to prove to auditors that your company follows its vulnerability management policy and procedures.
BEFORE DIVING IN
Make sure you have owner access to your company's GitHub Issues account.
Connect GitHub Issues to Drata:
Select Connections on the side navigation menu.
Select the Available connections tab and then search for 'GitHub Issues' to select the connect button for the GitHub Issues integration.
Within the connection drawer, enter the required information.
Account Alias: Enter a unique identifier or alias for your integration.
Security Label: Enter the label you use to categorize tickets as security issues within GitHub Issues.
Note: Ensure that you are using the labels from your GitHub Issues instance, as Drata will search for these when testing controls related to your company's vulnerability management. If you use different labels, update the fields accordingly.
Critical, High, Medium, and Low Severity Level: Enter the corresponding severity level labels you use for your tickets in GitHub Issues for each severity level field within the connection drawer.
Note: Ensure that you are using the labels from your GitHub Issues instance, as Drata will search for these when testing controls related to your company's vulnerability management. If you use different labels, update the fields accordingly.
Write Access: Toggle on if you would like to create tickets in GitHub Issues. Toggle off if you do not want to create tickets.