GitHub Security Alerts Integration

Integration with GitHub Security Alerts

GitHub provides a feature to detect vulnerabilities in libraries as standard.

You can import vulnerabilities detected in the specified GitHub repository on FutureVuls and manage them on FutureVuls. The steps for integration are as follows.

  • Turn on GitHub Security Alerts settings
  • Issue a GitHub token
  • Register the GitHub token for the group from Group settings > External integration by the group administrator
  • Register the desired GitHub “owner/repository name” and token from Server > Details (associations are possible with both actual and pseudo servers)

The specific steps are as follows.

  • Select the desired GitHub repository and token from Server > Details

  • For actual servers, integration will be reflected in the next scan, and for pseudo-servers, integration will be reflected immediately by clicking the “Manual Scan” button.

  • The corresponding library is displayed in Server > Software