GitHub Code Scanning and Secret Scanning are in Limited Public Beta

Code scanning integrates the powerful semantic analysis capabilities of CodeQL into your developer workflow. With code scanning enabled, every git push is scanned for new security concerns and the results are displayed directly in your pull request diffs. We’ve partnered with researchers in the GitHub Security Lab to develop queries that protect you from common coding mistakes like buffer overruns, untrusted data deserialization, and many other OWASP Top 10 vulnerabilities. In addition, you can develop your own custom queries, and all our default queries are open source.

Secret scanning for private repositories applies our years of expertise scanning public repositories for committed tokens to your proprietary code. For every commit made to your repository, and its full git history, we’ll look for secret formats from secret scanning partners as well as other generic secret types including SSH keys. Secret scanning can protect you from unauthorized access to the services you use.

