Developer Protection
Developer Protection prevents developers from leaking sensitive information such as RSA keys, passwords, and access tokens through the Git version control system. It also detects packages with known vulnerabilities and warns the developer when they are used.
Developer Protection intercepts git commit commands issued by the developer and scans all modified files in the Git repository. It prevents private information in plain text and vulnerable dependencies from being uploaded from Endpoint Security client computers to public locations.
Developer Protection is supported on Endpoint Security client E84.60 and higher.
To configure Developer Protection:
- Access the Harmony Endpoint EPMaaS Administrator portal.
- Click Policy > Access & Compliance.
- Select the policy and in the Capabilities & Exclusions pane, click Developer Protection.
- Select the Developer Protection mode:
  - Off: Developer Protection is disabled. By default, this option is selected.
  - Detect:
    - Information leakage is detected and a log message is generated, but the Commit is allowed.
    - The administrator can examine the audit log Detect messages of the Application Control component.
    - The developer sees a notification on the client computer.
  - Prevent:
    - Information leakage is detected, a log message is generated, and the Commit is blocked.
    - The administrator can examine the audit log Prevent messages of the Application Control component.
    - The developer sees a warning notification on the client computer. The developer can decide to override the notification and allow the traffic (with or without giving a justification). The notification message suggests how to fix the problem, for example, by adding a file to .gitignore or updating the version in package.json.
- Click Save.
- Install the policy.
Exclusions to Developer Protection
You can define exclusions to Developer Protection based on the SHA256 hash of the files.
To define an exclusion to Developer Protection:
- Access the Harmony Endpoint EPMaaS Administrator portal.
- Click Policy > Access & Compliance.
- Select the policy and in the Capabilities & Exclusions pane, click Developer Protection.
- Click Edit Exclusions.
- Click Add.
  The New Exclusion window appears.
- In the Exclusion drop-down, select Developer Protection.
- In the Method drop-down, select SHA256 Hash.
- In the Value field, enter the SHA256 hash of the file.
- (Optional) In the Comment field, enter a description.
- (Optional) To copy the exclusion to all existing Developer Protection rules, select Copy to all rules.
- Click OK.
- Click Save & Install to install the policy.
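
One way to produce the string for the Value field, as an added example that is not Check Point's code: the Python script below computes the SHA256 hash of a file's raw bytes and groups files with identical content. The fixture file names and contents are constructed and the helper names are hypothetical. Because a hash identifies one exact byte sequence, the same text saved with different line endings yields a different value, so compute the hash on the exact file you intend to exclude.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of_file(path, chunk_size=1 << 20):
    """Return the lowercase hex SHA256 of a file's raw bytes, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:  # binary mode: no newline translation
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def exclusion_rows(paths):
    """Map each distinct SHA256 value to the files that share that content.

    Hypothetical helper: one dictionary key corresponds to one exclusion
    Value, and the file list is a candidate for the Comment field.
    """
    rows = {}
    for path in paths:
        rows.setdefault(sha256_of_file(path), []).append(str(path))
    return rows


def demo():
    """Constructed sample: one test fixture saved with LF and CRLF endings."""
    body = (b"-----BEGIN CONSTRUCTED TEST FIXTURE-----\n"
            b"not-a-real-key\n"
            b"-----END CONSTRUCTED TEST FIXTURE-----\n")
    with tempfile.TemporaryDirectory() as tmp:
        lf = Path(tmp) / "fixture_lf.pem"
        copy = Path(tmp) / "fixture_copy.pem"
        crlf = Path(tmp) / "fixture_crlf.pem"
        lf.write_bytes(body)
        copy.write_bytes(body)  # byte-identical copy: same hash as lf
        crlf.write_bytes(body.replace(b"\n", b"\r\n"))  # different bytes
        return exclusion_rows([lf, copy, crlf])


if __name__ == "__main__":
    for digest, files in demo().items():
        print(digest, ", ".join(files))
```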