Axura

GitHub Integration

Connect GitHub to scan repositories for security misconfigurations, secret exposure, and code vulnerabilities. Monitor branch protection and access controls.
5 min read
Updated: January 2026
GitHub
Code Security
DevSecOps
Repositories

Overview

The GitHub integration monitors your organization's repositories for security best practices and code security issues.

What Gets Scanned

Branch Protection

Verify required reviews, status checks, signed commits

Secret Scanning

Detect exposed API keys, credentials, tokens

Dependabot Alerts

Track vulnerable dependencies

Code Scanning

CodeQL and third-party scanner results

2FA Status

Organization-wide two-factor authentication

Access Controls

Team permissions, outside collaborators

Setup

Connect GitHub using our GitHub App:

  1. Go to Settings → Integrations → Add Integration → GitHub
  2. Click "Install GitHub App"
  3. Select your organization and repositories
  4. Authorize the app with read-only permissions
💡 Permissions

Axura only requests read-only permissions. We never modify your repositories or code.

Compliance Mappings

GitHub security configurations map to compliance controls:

GitHub FeatureSOC 2 Control
Branch ProtectionCC8.1 - Change Management
Code Review RequiredCC8.1 - Change Management
Secret ScanningCC6.1 - Access Controls
2FA RequiredCC6.1 - Access Controls

Next Steps

Okta Integration

Connect identity management.

Slack Integration

Set up compliance alerts.

Previous
Azure Integration
Next
Okta Integration