Skip to main content
GitHub Integration

This article outlines how to integrate HackEDU with GitHub Code Scans

Rachel Yonan avatar
Written by Rachel Yonan
Updated over 2 years ago

HackEDU has launched an integration with GitHub which allows your organization to automatically use the vulnerabilities found in your security scans to build dynamic training plans for your developers.

Keep in mind, if you have an Enterprise plan, it will scan the organization's private repositories. If you have a non-Enterprise GitHub account, only public repositories are scanned.

Follow the steps below to set up your integration.

Prerequisites

You must be both a HackEDU and GitHub customer with access to code scanning.

Generate a GitHub Token

Login to your GitHub dashboard and create a personal key. We recommend using an account specific to your HackEDU integration.

Set up integration in HackEDU admin dashboard

  1. Log in to HackEDU with an Admin account, and go to your admin dashboard.

  2. Click Settings > Data Integrations in the left menu

  3. Click Add Integration

4. Select GitHub from our list of Integrations

5. Choose whether to apply these vulnerabilities to your entire organization or just to specific teams.

Note: You can click here to see what data we have access to and what we save by continuing with the integration. You can read about HackEDU's security and data policies here.

6. Enter your GitHub Organization name and token for the integration, and click Continue.

7. If you have multiple GitHub repos, you will be prompted to select which you would like to apply to the integration.

8. Confirm the details of your integration and click Finish.

9. Your integration will automatically begin to sync, and will re-sync once a day. You can click on the integration to see the data we've synced, and to open the original GitHub scan results.

Setting up Adaptive Training plans

Now that you have vulnerability data available, you may set up an Adaptive Training plan that customizes your training based on the results of the vulnerability data.

Did this answer your question?