Connecting Repositories
Connect your GitHub repositories to Secbez for automated security scanning on every pull request.
Installing the GitHub App
Secbez integrates with GitHub through a GitHub App. To connect your repositories:
- Open the Secbez dashboard.
- Click Add Repository (or open the Settings → Integrations tab).
- Click Install GitHub App.
- Pick the GitHub account or organization where the repositories live.
- Choose All repositories or select specific ones.
You can adjust the repository selection at any time from your GitHub account: Settings → Applications → Installed GitHub Apps → Secbez → Configure.
Required permissions
| Permission | Access | Purpose |
|---|---|---|
| Repository contents | Read | Read source code for scanning and graph indexing |
| Pull requests | Read | Detect new and updated PRs to scan |
| Checks | Write | Post scan results as Check Run annotations |
| Metadata | Read | List repositories, branches, and workflow runs |
Secbez never writes to your code, never pushes commits, and never modifies branches or PRs.
Managing connected repositories
The dashboard shows every connected repository with its scan history. From there you can:
- Run a manual full scan to (re)establish the baseline.
- View scan history and drill into any past scan run, including step-by-step timing.
- Configure per-repository policy — severity thresholds, suppressions, and notification rules.
- Inspect baseline findings that exist outside of new PRs.
To disconnect a repository, remove it from the GitHub App's repository selection on GitHub. Existing findings remain on the dashboard until you delete them, so you don't lose history.
Self-hosted / Enterprise
If you are running Secbez self-hosted, the same GitHub App flow is used but installed against your private app registration. Your deployment can also be wired to a GitHub Enterprise Server instance — see Enterprise → Deployment for details.