Onboarding Wizard

Use the onboarding wizard to quickly get started. You'll generate an access token to access Seal's artifact server and have the option to connect your source control. This connection allows Seal to automatically scan your repositories for vulnerable packages.

Generating a token

An access token is required to securely connect to Seal's artifact server.

• Click the Generate token button.

• A unique access token will be displayed. Copy it now - for your security, we do not save this token on our servers, and it will not be shown again.

• No worries if you lose it; you can always generate a new token later.

Ready to get started?

Download the Seal CLI for your operating system. To learn how to configure the CLI with your new token, read about how to integrate our CLI into your CI pipeline.

Connecting to your source control

Connecting Seal to your source control is optional but highly recommended. When connected, Seal can scan your projects' dependencies to automatically identify vulnerable packages. Once connected, you can import projects either manually or automatically.

Importing projects

Manual import

With the manual import, you'll provide the direct path to your project's dependency file (e.g., package-lock.json, requirements.txt). Each project will receive a unique name on the Seal platform. You can either use the suggested name or customize it.

Automatic import

The automatic flow allows you to simply check the projects you want to import from a list. If your organization has many repositories, scanning for this list may take a few minutes. You can also click Connect more repositories to import projects from other organizations as needed.

Because the automatic import can handle a large number of projects, Seal will scan them for vulnerabilities asynchronously. This means it may take a little while for all scan results to appear.

After you've finished importing your projects, you'll be directed to the main Protection screen. This screen lists all the vulnerable packages Seal has detected. Keep in mind that initial scans can take some time, so it may be a few minutes before the vulnerabilities for all your imported projects are fully displayed.