Getting Started
Get started with Secbez in under 5 minutes. Install the GitHub App, connect repositories, and run your first security scan.
1. Create your account
Sign up at secbez.com using your GitHub account. Secbez uses GitHub for authentication — no separate password needed.
2. Install the GitHub App
After signing in, you'll be prompted to install the Secbez GitHub App on your GitHub account or organization:
- Click Install GitHub App
- Choose which repositories to grant access to (you can select all or specific repos)
- Approve the permissions
Secbez needs read access to your code and write access to create check runs on pull requests.
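To confirm that an installation holds only the access described above, the installation record GitHub returns (for example from `GET /orgs/{org}/installations`) can be checked against an allowlist. This is an added example, not Secbez code; the mapping of this page's wording onto the GitHub permission keys `contents`, `checks` and `metadata`, and the sample records, are assumptions.

```python
# Added example: least-privilege audit of a GitHub App installation record.
LEVELS = {"read": 1, "write": 2, "admin": 3}

# Assumption: this page's wording mapped onto GitHub permission keys.
EXPECTED = {
    "contents": "read",   # "read access to your code"
    "checks": "write",    # "write access to create check runs"
    "metadata": "read",   # baseline read grant GitHub gives apps with repo access
}

def audit_installation(installation, expected=EXPECTED):
    """Return findings where the granted access differs from `expected`."""
    findings = []
    granted = installation.get("permissions", {})
    for name, level in sorted(granted.items()):
        want = expected.get(name)
        if want is None:
            findings.append(f"unexpected permission: {name}={level}")
        elif LEVELS.get(level, 99) > LEVELS[want]:
            findings.append(
                f"broader than documented: {name}={level} (expected {want})")
    for name, want in sorted(expected.items()):
        if LEVELS.get(granted.get(name), 0) < LEVELS[want]:
            findings.append(f"missing or narrower: {name} (expected {want})")
    if installation.get("repository_selection") == "all":
        findings.append(
            "repository_selection=all: grant covers every repository in the account")
    return findings

# Constructed sample records shaped like one entry of the API response.
SAMPLE_OK = {
    "app_slug": "example-scanner",
    "repository_selection": "selected",
    "permissions": {"contents": "read", "checks": "write", "metadata": "read"},
}
SAMPLE_WIDE = {
    "app_slug": "example-scanner",
    "repository_selection": "all",
    "permissions": {"contents": "write", "checks": "write",
                    "metadata": "read", "secrets": "read"},
}

if __name__ == "__main__":
    for record in (SAMPLE_OK, SAMPLE_WIDE):
        print(record["app_slug"], audit_installation(record) or "matches expected grant")
```

A finding here is a prompt to review the grant, not proof of a problem: the page does not list every permission key the app requests.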
3. Run your first scan
Once the GitHub App is installed, your repositories appear on the dashboard. You have two options:
- Automatic scanning: Open a pull request on any connected repository. Secbez automatically scans the changed files and posts results as a GitHub Check Run.
- Manual full scan: Go to any repository on your dashboard and click Run Scan to scan the entire codebase.
4. Review results
Scan results show up in two places:
- GitHub: Check run annotations appear directly on your pull request with inline code comments highlighting each finding.
- Secbez dashboard: The full results appear here, with detailed evidence, severity scores, and remediation guidance.
Each finding includes:
- The vulnerable code with highlighted lines
- A severity rating (critical, high, medium, low)
- A confidence level (high, medium, low)
- An explanation of the vulnerability
- Guidance on how to fix it
Next steps
- Understanding scan modes — learn the difference between PR scans and full scans
- Reading findings — understand what each part of a finding means
- Fix guidance — learn how Secbez helps you remediate issues
- Suppressing false positives — manage noise with suppression rules