Deployments

Last updated 5 months ago

The Seal platform supports a variety of deployment methods, allowing you to tailor it to your organization's workflows and needs. You can configure the level of automation you're comfortable with, and divide the responsibilities between the security team and developers in the manner most suited to your organization.

  1. Automatic Remediation - With this fully automatic deployment, vulnerable packages are sealed automatically whenever a new vulnerability is made public. For the most part, there's no need for manual intervention by the developers or the security team. All that is needed is to deploy the sealed version to production.

  2. Remote Configuration - With this deployment, vulnerable packages are sealed according to the rules set by the security team through Seal's web interface. The security team controls what gets sealed, and they can fix things independently of the developers. When sealing a vulnerability there is no pull request, and the changes are not tracked by source control. The CLI is responsible for cleanly applying the security fixes.

  3. Local Configuration - With this deployment, vulnerable packages are sealed according to the rules set by the developers in each project's local configuration file. The developers control what gets sealed, and every change is committed to the organization's source control, but the CLI is responsible for cleanly applying the security fixes.

  4. Artifact Server - With this deployment, the developers are responsible for manually editing the projects' dependencies. This gives the developers full control, and does not depend on integrating Seal's CLI as part of the CI. However, manual edits can be quite challenging, and they require the most effort from the developers.