Github Security info

I am pulling which security services are enabled at repo level using github_repositories specially looking at security_and_analysis data. This only gives us secret_scanning info and not for rest of them. How can I get which other scamning is enabled for the repo

ex -

  • code-scanning-alert
  • code-scanning-pull-request-alerts
  • dependabot-alerts

I am trying to find out the Security coverage and risk for the organization

Hey @hk_cloudquery,

First of all, welcome to our community!

Now to answer your questions, we also have these following tables:

Take a look trough all the tables we have published on the Hub for the Github plugin, that should give you most of the information you need, I believe.

If you are still lacking information, feel free to open an issue on our public GitHub repository.

These tables gives the alerts if its enabled for the repo. I am looking at github_repositories to see what is enabled for the repos. I found one column - security_and_analysis but its not showing for all types of the scan.

  • github_code_scanning_alerts
  • github_repository_dependabot_alerts
  • github_organization_dependabot_alerts