availability

Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)

GitHub Enterprise

Integration steps

1. Go to your GitHub Enterprise URL.
2. Select your organization and go to Settings.
3. In the left menu, select Developer settings.
4. Click New GitHub App.
5. Enter a name and Homepage URL for your app.
6. (Optional) Disable the Activate Webhook button.
7. Under Repository permissions, select:
   • Contents: read and write
   • Issues: read and write
   • Metadata: read-only
   • Pull requests: read and write
   • Dependabot alerts (optional): read
   • Dependabot secrets (optional): read
   • Code scanning alert (optional): read and write

info

Enable Dependabot alerts and Dependabot secrets permissions for Dependabot integration.

info

To use the GitHub Enterprise ALM integration for hosting a Semgrep CE rules repository, make sure the rules repository belongs to the organization and, if using limited repository scope, is added to the Only select repositories scope in the app configuration.

8. Save the GitHub App.
9. Go to the Install App section and install the GitHub App.

  

  

10. Return to Developer settings and edit your app.

  

11. Save your App ID for later use.

  

12. At the bottom, click Generate a private key to create a new private key. The key will be downloaded automatically.

  

  

13. Go to your Invicti AppSec instance.
14. Select Settings from the left menu.
15. Go to the Application Lifecycle Management section.
16. Click the Active button on GitHub Enterprise.
17. Enter the App ID and PEM key. If you use GitHub Enterprise On-premises, select Integrate with On-premises version.

  

18. Click Test Connection.
19. If the test passes, click Save.

---

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center