How Bearer works
Bearer has a hybrid architecture consisting of two core parts:
  • Bearer Broker is a Go binary which performs Static Code Analysis (SCA) on your source code to gather and send metadata to the Dashboard infrastructure.
  • Bearer Dashboard is a SaaS managed by Bearer. It provides dashboards to bring you visibility over data flows and data security risks.

Bearer Broker

Bearer Broker is a Go binary. It acts as a proxy between Bearer and your source code.
Bearer Broker can be integrated with:
  • Your Source Code Management (SCM) software.
  • Your CI/CD software.

SCM integration

In this configuration, the Broker is deployed as a Docker image and can be hosted:
  • On our infrastructure (SaaS mode).
  • On your infrastructure (on-premise mode).
Hosting the Broker on-premise allows you to:
  • Keep sensitive data, such as your access tokens, inside your private network. This information is never shared with Bearer.
  • Provide controlled access to the network by Bearer, limiting the files Bearer can access, and the actions that Bearer can perform.
Communication between the Broker and Bearer uses the Rails ActionCable protocol. This is a full-duplex communication mechanism built on top of WebSockets.

CI/CD integration

In this configuration, the Broker is deployed in your CI/CD pipeline.

Bearer Dashboard

Bearer dashboard is a SaaS managed by Bearer. It provides views into the metadata collected by Bearer detection engine in the form of:
  • An inventory and a map of your engineering components and data flow.
  • An inbox of data security risks detected and mitigated.
Export as PDF
Copy link