Scanning Repositories
Learn how to configure and run scans on different types of repositories with various options and settings optimized for your specific use case.
Supported Repository Types
GitHub Public
Public repositories on GitHub
https://github.com/user/repo
GitHub Private
Private repositories with access token
Requires a personal access token (PAT)
Scan Configuration Options
Depth Settings
- Shallow Scan: Quick analysis of critical files only
- Standard Scan: Comprehensive analysis (recommended)
- Deep Scan: Exhaustive analysis with advanced AI patterns
Language Focus
- Auto-detect: Automatically identifies all languages
- Primary Language: Focus on specific technology stack
- Multi-language: Comprehensive analysis across all languages
Security Focus
- OWASP Top 10: Web application security standards
- CWE Coverage: Common Weakness Enumeration
- Custom Rules: Organization-specific security policies
Advanced Scanning Options
Include/Exclude Patterns
Include:
*.js,*.ts,*.py,*.java
Exclude:
node_modules/**,*.test.*
Branch Selection
- Default branch (main/master)
- Specific branch name
- Pull request branches
- Tag-based scanning
Integration Options
GitHub Actions
GitLab CI
Jenkins
CircleCI
Webhook API
CLI Tool
REST API
GraphQL API
Scanning Best Practices
Start Small
Begin with smaller repositories to understand the scanning process and results format.
Regular Scanning
Set up automated scans on every push to catch security issues early in development.
Focus on Critical Paths
Prioritize scanning authentication, payment, and data handling components.
Scan Performance
Small repo (<50 files): 2-3 minutes
Medium repo (50-200 files): 5-8 minutes
Large repo (200+ files): 10-15 minutes
Supported Languages
JavaScript
TypeScript
Python
Java
C#
Go
Rust
PHP
Ruby
Swift
Kotlin
C++
