GitHub integration

A GitHub integration automatically scans your main branches and all new pull requests for security issues and misconfigurations, daily and without manual effort.

Overview

Once enabled, a GitHub integration seamlessly runs security scans on your repositories. It checks your code for vulnerabilities and misconfigurations, requiring no manual steps after setup.

Scan results appear in your Code Security Scans dashboard shortly after each scan completes, giving your team early and actionable insights.

Key Features

Automated Scanning

  • Scans all main branches automatically through daily scheduled scans
  • Monitors every new pull request in real-time
  • Performs daily security and configuration checks based on your selected security profile
  • Requires no manual triggers or ongoing maintenance
  • Can be temporarily paused through the integration status setting when needed

Comprehensive Coverage

  • Detects security vulnerabilities and misconfigurations
  • Scans both existing code (main branches) and new changes (pull requests)
  • Helps enforce secure development practices early in the workflow
  • Integrates with GitHub status checks to prevent merging of insecure code
  • Posts findings directly as comments in pull requests for immediate developer feedback

Results Delivery

  • Findings are available in the Code Security Scans dashboard
  • Results are clearly organized and actionable
  • Fast turnaround time after each scan completes
  • Supports customizable security profiles to match your organization's needs

Next Steps

Best Practices

  • Enable both scheduled scans and pull request scanning for comprehensive coverage
  • Configure appropriate security profiles based on your project requirements
  • Review scan results regularly in the Code Security Scans dashboard
  • Keep the integration enabled to maintain continuous security monitoring
Enable Verbose LoggingAdding a GitHub integration