1. SAST Online
  2. Application Security News and Articles
  3. From Cloud to Code: Salt Cloud Connect Now Scans GitHub
Authenticate your profile to see activity

From Cloud to Code: Salt Cloud Connect Now Scans GitHub

One of our most-loved features is Salt Cloud Connect.

In a world of complex deployments, it’s a breath of fresh air: an agentless discovery model that delivers under 10-minute deployment and rapidly gathering API-specific info in cloud platforms. Customers plug it in, and in minutes, not weeks, they get a “traffic-free”, complete inventory of their APIs across AWS, Azure, GCP, Kong, and Mulesoft.

This “ease of use” provides a “wow” moment of immediate visibility. It's the perfect starting point for API security, and almost immediately, our customers asked us one thing:

“This is amazing for our cloud. Can you apply this same agentless capability to our code?”

Today, we’re thrilled to answer: Yes, we can.

Introducing GitHub Connect: The Capability Expands

We are officially announcing GitHub Connect, the latest expansion of our Cloud Connect functionality.

We've extended our trusted, agentless discovery capability from your cloud platforms directly to your code. It’s the same fast, simple security you know, now “shifted left” into your private GitHub repositories.

A Precision Tool, Not Another Noisy Scanner

This is the most important part: this is not another general-purpose "shift-left" scanner that will drown your teams in thousands of false positives.

This is a precision tool, built for the new AI-driven world.

GitHub Connect is designed to do one thing exceptionally well: scan your private code for high-risk “MCP-related APIs and posture gaps”.

As your developers build and adopt AI agents, they are defining Model Context Protocol (MCP) servers and their APIs in code. GitHub Connect finds these MCPs in the repositories you authorize, giving you the earliest possible visibility into this new, high-risk attack surface.

Immediate Risk Scoring. No Traffic Required.

This is the “wow” moment, now for code.

Just like its cloud counterpart, GitHub Connect delivers immediate, traffic-free value. The second it discovers an MCP-related API in your code, our Risk Score for Connect models analyzes it. You get a fully prioritized, quantifiable risk score without requiring a single packet of traffic.

This is the agentless-enabled visibility and risk info that competitors simply cannot provide.

One Platform. From Code, to Cloud, to Runtime.

GitHub Connect is the first step in a complete security story, feeding its findings directly into the Salt Illuminate™ platform. For the first time, you have a single, unified view of risk that spans:

  1. Code (with GitHub Connect)
  2. Cloud (with Cloud Connect for AWS, Azure, etc.)
  3. Runtime (with Salt's full, deep API inspection)

It's the agentless discovery that gets you started, and it's the foundation for the full, deeper API inspection that Salt is known for. This is the “Agentic AI Action Layer,” secured from its very first line of code.

If you want to learn more about Salt and how we can help you, please contact us, schedule a demo, or visit our website. You can also get a free API Attack Surface Assessment from Salt Security's research team and learn what attackers already know.

The post From Cloud to Code: Salt Cloud Connect Now Scans GitHub appeared first on Security Boulevard.

18 November 2025


>>More