Secbez Docs

Getting Started

Get started with Secbez in under 5 minutes. Install the GitHub App, connect repositories, and run your first security scan.

1. Create your account

Sign up at secbez.com using your GitHub account. Secbez uses GitHub for authentication — no separate password.

If you are running Secbez self-hosted (enterprise), follow the deployment instructions provided with your license bundle instead. See Enterprise Deployment.

2. Install the GitHub App

After signing in, you are prompted to install the Secbez GitHub App on your GitHub account or organization:

  1. Click Install GitHub App.
  2. Choose which repositories to grant access to (all, or a specific selection).
  3. Approve the requested permissions.

Secbez needs read access to your code, pull requests, and metadata, plus write access to post Check Run results on pull requests. It never pushes commits or modifies branches.
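To confirm the installed app holds no more than the access described above, the following added example (not Secbez code) audits a response shaped like GitHub's `GET /orgs/{org}/installations` endpoint. The mapping of the page's wording to the permission keys `contents`, `pull_requests`, `metadata`, and `checks` is an assumption, and the `secbez-example` slug and sample data are constructed placeholders.

```python
import json

# Permission set stated on this page, mapped to GitHub App permission keys
# (the mapping to key names is an assumption of this example).
EXPECTED = {"contents": "read", "pull_requests": "read",
            "metadata": "read", "checks": "write"}
LEVELS = {"read": 1, "write": 2, "admin": 3}

# Constructed sample shaped like the response of GET /orgs/{org}/installations.
# "secbez-example" is a placeholder slug, not the app's real slug.
SAMPLE = json.loads("""
{"total_count": 2, "installations": [
  {"id": 1001, "app_slug": "secbez-example", "repository_selection": "selected",
   "permissions": {"contents": "read", "pull_requests": "read",
                   "metadata": "read", "checks": "write"}},
  {"id": 1002, "app_slug": "secbez-example", "repository_selection": "all",
   "permissions": {"contents": "write", "pull_requests": "read",
                   "metadata": "read", "checks": "write", "workflows": "write"}}
]}
""")

def audit_installation(inst, expected=EXPECTED):
    """Return a list of deviations from the expected least-privilege grant."""
    issues = []
    granted = inst.get("permissions", {})
    for name, level in sorted(granted.items()):
        want = expected.get(name)
        if want is None:
            issues.append(f"unexpected permission {name}:{level}")
        elif LEVELS.get(level, 99) > LEVELS[want]:
            issues.append(f"{name} is {level}, expected {want}")
    for name, want in sorted(expected.items()):
        if LEVELS.get(granted.get(name), 0) < LEVELS[want]:
            issues.append(f"{name} below {want}; scans or Check Runs may fail")
    if inst.get("repository_selection") == "all":
        issues.append("review: access covers all repositories, not a selection")
    return issues

def audit(response, slug):
    """Map installation id -> issues for every installation of the given app."""
    return {i["id"]: audit_installation(i)
            for i in response["installations"] if i["app_slug"] == slug}

if __name__ == "__main__":
    for inst_id, issues in audit(SAMPLE, "secbez-example").items():
        print(inst_id, "OK" if not issues else issues)
```

Feed it the real JSON from your organization's installations listing and the app's actual slug; any `contents` grant above `read` contradicts the statement that the app never pushes commits.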

3. Run your first scan

Once the GitHub App is installed, your repositories appear on the dashboard. Open a repository and click Run Scan. The scan parses the entire repository into a code graph and runs the full analysis against it.

The first scan establishes the baseline — all findings detected on that scan are flagged as pre-existing. Subsequent scans separate findings into "new" (introduced since the baseline) and "existing," so review stays focused on net new risk.

4. Review results

Scan results appear in two places:

  • Secbez dashboard — full evidence, severity, confidence, call chain, route reachability, suggested fixes, and history.
  • GitHub Check Run — when a scan runs against a pull request, results are posted as a Check Run with a summary block linking back to the dashboard.

Each finding includes:

  • The vulnerable code with surrounding context.
  • A severity rating (critical, high, medium, low) derived from CVSS 3.1.
  • A confidence level (high, medium, low) reflecting how complete the evidence is.
  • A grounded explanation of why this is exploitable.
  • A suggested fix or remediation prompt you can hand to a coding agent.

Next steps
