Skip to main content
GitHub App Integration is available for free. See other integrations for more details
SafeDep Cloud is a control and data aggregation service that works with security tools like Vet. This guide walks you through connecting Vet to SafeDep Cloud for centralized policy management and reporting.

What You’ll Accomplish

Query by Risks

Find critical vulnerabilities across all your projects

Policy Violations

Monitor and track policy violations from all Vet instances

Policy Management

Test and deploy policies across all Vet deployments

Malware Analysis

Threat detection backed by cloud malware analysis

Web Onboarding

1

Create Account

Navigate to app.safedep.io and sign up
2

Create Tenant

Complete onboarding and create your tenant, noting the Tenant Domain
3

Generate API Key

Create an API key for use with Vet in your tenant settings
After completing onboarding, you should have:
  • Tenant Domain (e.g., your-company.safedep.io)
  • API Key for authentication
See supported integrations for more details on how to integrate with your SDLC.

Quick Onboarding with Vet CLI

The quickest path is the vet cloud quickstart command:
1

Install Vet

Ensure Vet is installed on your system:
brew tap safedep/tap
brew install safedep/tap/vet
2

Run Quickstart

Run the command and follow the prompts:
vet cloud quickstart

Configure Vet with SafeDep Cloud

Skip this section if you used the vet cloud quickstart command

Authentication Setup

Configure Vet to authenticate with your SafeDep Cloud tenant: 
vet auth configure --tenant <tenant-domain>
You’ll be prompted to enter your API key securely.

Verify Authentication

Confirm that your Vet instance can connect to SafeDep Cloud: 
vet auth verify

Sync Data to SafeDep Cloud

Enable the sync reporting module to send Vet findings to SafeDep Cloud: 
vet scan -M /path/to/package-lock.json --report-sync \
  --report-sync-project my-project \
  --report-sync-project-version my-project-version
The example uses package-lock.json, but Vet supports many package manifest formats and code analysis.

GitHub Actions Integration

Configure vet-action to sync with SafeDep Cloud:
1

Create Secrets

Add these GitHub Action Secrets:
  • SAFEDEP_CLOUD_API_KEY
  • SAFEDEP_CLOUD_TENANT_DOMAIN
2

Update Workflow

Modify your vet-action workflow:
- name: Run vet
  uses: safedep/vet-action@v1
  with:
    cloud: true
    cloud-key: ${{ secrets.SAFEDEP_CLOUD_API_KEY }}
    cloud-tenant: ${{ secrets.SAFEDEP_CLOUD_TENANT_DOMAIN }}

Query Your Data

Once data is syncing, query your tenant’s aggregated inventory and findings: projects, packages, endpoints, and security findings enriched with threat intelligence (vulnerabilities, EPSS, CISA KEV, OpenSSF Scorecard). Queries run through the safedep CLI. For example, to find your top remediation targets by critical CVE count: 
safedep auth login
safedep query exec --sql "
  SELECT packages.name, COUNT(DISTINCT vulnerabilities.vuln_id) AS critical_vulns
  FROM packages
  JOIN component_vulnerabilities ON component_vulnerabilities.component_id = packages.id
  JOIN vulnerabilities ON vulnerabilities.vuln_id = component_vulnerabilities.vulnerability_id
  WHERE vulnerabilities.severity_rating = 'CRITICAL'
  GROUP BY packages.name
  ORDER BY critical_vulns DESC" --limit 15
Prefer a UI? You can also run queries from the web console at app.safedep.io.
See the SQL query guide for the full schema, query rules, and worked examples: severity breakdowns, EPSS enrichment, malware findings, endpoint audit trails, and more.

Next Steps

Query with SQL

Explore your tenant data with the safedep CLI

Authentication Guide

Learn advanced authentication and access control

Malware Analysis

Enable enhanced threat detection capabilities

Cloud FAQ

Find answers to common questions

API Documentation

Integrate SafeDep Cloud with your systems