GitHub Security Insights
Track GitHub security risks including dependency vulnerabilities, risky merges, unprotected branches, and permission issues.
About this report
Focus specifically on the security aspects of your GitHub repositories with specialized security metrics. Security teams can monitor dependency vulnerabilities, code scanning alerts, and risky practices like unreviewed code merges to improve overall security posture.
Key questions
- How vulnerable are our code dependencies?
- Are we effectively addressing security issues in our repositories?
- Which repositories have the most security problems?
- What GitHub security best practices are we not following?
Visualizations in the report
Dependabot alerts over time (last 90 days)
Tracks vulnerability discovery trends in your dependencies. See whether security issues are increasing or decreasing over time.
Dependabot alerts by severity
Breaks down vulnerable dependencies by criticality. Focus remediation efforts on high and critical issues first.
Dependabot alerts by repository
Maps security findings to specific codebases. Identify which repositories have the most security debt to address.
User count by role
Analyzes permission distribution across your GitHub organization. Ensure access follows least-privilege principles.
Pull requests merged without a review
Flags code changes that bypassed quality controls. These shortcuts often introduce security and quality issues.
Unprotected branches by repository
Shows repositories missing branch protection rules. Implement these safeguards to prevent force pushes and ensure proper reviews.
Get a personalized demo
Book a demo and see how easy it is to get started with CloudQuery Reports. We'll walk you through connecting your data sources and show you the information that's available. Book a demo today for a complete overview of CloudQuery's Reporting tools.
