Security Monkey can run on an Amazon EC2 (AWS) instance, Google Cloud Platform (GCP) instance (Google Cloud Platform), or OpenStack (public or private cloud) instance. The only real difference in the installation is the IAM configuration and the bringup of the Virtual Machine that runs Security Monkey.
For monitoring GitHub, please read the GitHub monitoring documentation here.
The Quickstart guide is great for learning about Security Monkey and trying it, but it is not adequate for production deployments. If you follow the steps in Quickstart Security Monkey will not automatically scan your environment and won't scale for large accounts. For production deployment guidance please read Autostarting and Tuning the Watchers/Prioritizing before beginning installation.
- Follow the proper IAM and permissions instructions for your platform: AWS, GCP, OpenStack, GitHub
- Launch a server
- Create a database instance
- Install Security Monkey on your server instance
- Populate your Security Monkey with Accounts
- Create an SSL Certificate
- Setup Nginx
- Login to Security Monkey & load data
- Hardening Security Monkey for Production (Autostarting)
See the User Guide for a walkthrough of Security Monkey's features.
It's easy to extend Security Monkey with new rules or new technologies. Please read our Contributing Documentation for additional details.