Github Security info

hk_cloudquery · January 31, 2025, 9:05pm

I am pulling which security services are enabled at repo level using github_repositories specially looking at security_and_analysis data. This only gives us secret_scanning info and not for rest of them. How can I get which other scamning is enabled for the repo

ex -

code-scanning-alert
code-scanning-pull-request-alerts
dependabot-alerts

I am trying to find out the Security coverage and risk for the organization

stefan · February 1, 2025, 8:18am

Hey @hk_cloudquery,

First of all, welcome to our community!

Now to answer your questions, we also have these following tables:

Take a look trough all the tables we have published on the Hub for the Github plugin, that should give you most of the information you need, I believe.

If you are still lacking information, feel free to open an issue on our public GitHub repository.

hk_cloudquery · February 3, 2025, 1:31pm

These tables gives the alerts if its enabled for the repo. I am looking at github_repositories to see what is enabled for the repos. I found one column - security_and_analysis but its not showing for all types of the scan.

github_code_scanning_alerts
github_repository_dependabot_alerts
github_organization_dependabot_alerts

Topic		Replies	Views
GitHub integration support for pulling SAST findings from advanced security CloudQuery Plugins	3	3	December 6, 2023
Request for filtering repos in CloudQuery GitHub source plugin CloudQuery Plugins	2	2	May 31, 2023
AWS Plugin new version lacks correlated hashes for review on GitHub CloudQuery Plugins	6	14	December 15, 2023
Request for review on new github_repository_branches table implementation CloudQuery Plugins	5	1	April 14, 2023
Real-time alerts for AWS resources created publicly using CloudQuery or other tools CloudQuery Plugins	4	8	November 18, 2023

Github Security info

Related topics