GuardRails (Cloud) - Evaluation Guide

Created by Minh Vo, Modified on Thu, 25 Aug, 2022 at 9:09 PM by Minh Vo

Please follow this guide to make sure you get the most out of your GuardRails (Cloud) evaluation.


TABLE OF CONTENTS

Step 1: Setting up

To get started, please install GuardRails on your Git Provider by following this Guideline

Step 2: Follow the basic Tutorial

What You’ll Learn
  • Overview GuardRails Dashboard UI and functionality
  • How to scan a repository
  • How to view details of Vulnerability or Finding

GuardRails Dashboard

After you completed Step 1 and logged in to GuardRails Dashboard with a related Git Provider account, you will see this



In the left panel, there are some nodes:

  • Repositories:

    • This is a place where you can find all accessible repositories

  • Vulnerabilities: 

    • All security issues that engines provide and that are both enabled (aka curated) and pass the expert system (aka not a false positive) will be shown under vulnerabilities.

    • The vulnerabilities will be also categorized by scanning techniques: Code, Dependencies, Secrets, Cloud

  • Findings:

    • All security issues that engines provide and that are either not enabled (aka curated) or didn't pass the expert system (aka false positive) will be shown under findings.

  • Scans:

    • This is the place where you can find the detail of all scanning attempts

  • Insights:

    • GuardRails provides insights into where your security needs work

  • People:

    • This is where you can manage your users and teams

    • In addition to just working with the repository level permissions from the version control systems, GuardRails now offers fine-grained access control. Permissions can now be granted on the GuardRails level on two distinct levels: Users and Teams

  • Settings:

    • This is where you can find all of the configurations needed to configure GuardRails to your needs

  • Documentation:

    • Official GuardRials Online Help where you can find more information on usage, glossary, advanced configuration…

  • Help:

    • Official GuardRails Helpdesk page where you can raise issues, suggestions, feature requests…


Scan a repository

Entire repository

  1. Go to Repositories node
  2. Search for your target repository or select it in the list
  3. Click Scan to scan the entire repository
  4. OR select repository name to go to repository details

Branches

On the repository details page, you can see all related branches

  1. Search for your target branch or select it in the list
  2. Click Scan to scan the branch


Note
  • You can configure the scan to be automatically triggered when the Pull/Merge Request, Commit…happens - based on your using GuardRails Plan


View Vulnerability/Finding details

After the scan is finished, you can

  1. Go to the Scans tab
  2. Select the branch that has just been scanned
  3. Select any Vulnerability/Finding category
  4. Select any Vulnerability/Finding item to view the details


Step 3: Upgrade to other Plans

Enjoying GuardRails? You can upgrade your license to other Plans to get even more.

  • Unlimited Repositories and Programming Languages.

  • Customize scanning engines per your needs.

  • Use the cool Insights and Analytics features

  • Have data retention

  • Use GuardRails API

  • Maintenance & Support (M&S) included

  • Support: call, portal, email and hot-fixes

TIP

How to upgrade the Plan

  1. Go to Settings
  2. Select Subscription
  3. Choose a plan that fits your need
  4. Fill all required fields and click FREE TRIAL to start the trial period



Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article