Skip to content

Integrate GitHub with BoostSecurity


BoostSecurity lets you connect your GitHub organization and apply security checks, including CI/CD supply chain security checks and Dependabot.


Prerequisites


As a pre-requisite to installing the application:

  • Ensure you have a GitHub organization and the following permissions in place.

Permissions


This integration will use the following permissions:

  • Read access - Actions, Dependabot alerts, webhooks, administration, metadata, secret scanning alerts, workflows, and security events.
  • Read & Write access - Checks, Issues, Pull Requests.

1. Connect GitHub to BoostSecurity


To install the GitHub App on your GitHub organization:

  1. Navigate to Settings on the navigation panel and select Integrations; Settings > Integrations.

    Settings and Integratinons

  2. Select the GitHub integration from the Available section.

    GitHub SCM

  3. Select Install: You will be directed to the GitHub App to install the BoostSecurity GitHub App.

  4. Select the appropriate GitHub organization on your account you want to install the BoostSecurity GitHub App.
  5. Select whether to install the GitHub App on All repositories or Only select repositories. It is recommended to install it for all repositories so that it makes it simpler to add the security scanner to new repositories.

    Repository Access

  6. Select Install and Authorize.

Once the installation is completed, the BoostSecurity GitHub card is added to the Settings > Integrations > Installed section. At this point, the BoostSecurity GitHub App is installed on your GitHub organization!!!

GitHub Installed


Next Steps


It is recommended to enable default scanner protection for your GitHub organization.