You can connect your GitHub repository to Bright to automatically open the details of all detected vulnerabilities as GitHub issues and code scanning alerts. The details contain the following information:
  • Issue severity level
  • Details of discovery
  • Possible exposure
  • Remediation suggestions
For each new scan, you can select any of your GitHub repositories integrated with your Bright projects.

For more information about the Bright Integration with GitHub, see https://github.com/marketplace/nexploit-app.

Prerequisites

  • The Issues feature is enabled in your GitHub repository settings.

Step-by-step guide

Connecting Bright to your GitHub repository

  1. Go to the Bright app.
  2. In the left pane, select Organization.
  3. On the Organization page, scroll down to the TICKET MANAGEMENT INTEGRATION section.

  4. Click next to GitHub, and then select Settings.
  5. In the dialog box, click Activate GitHub.
  6. On the nexploit.app page, select the repositories to which Bright should have access, and then click Install.
  • You need to install nexploit.app only the first time you connect Bright to a given GitHub account. On later connections to the same GitHub account, you will be asked to confirm the access by entering the password.

  • On later Bright connections to the same GitHub account, you can change the Repositories access settings on the nexploit.app web page and save them by clicking Save.

The Bright integration with GitHub is enabled.

Configuring GitHub integration with Bright projects

After you have connected Bright to your GitHub account, you need to integrate a specific Bright project with your GitHub repository(ies) to be used for a scan. The integration allows Bright to automatically open the details of all detected vulnerabilities both as issues and code scanning alerts in the associated GitHub repositories.
Moreover, you can select a certain severity level of issues (findings) to be sent to the repositories associated with your Bright project.

To integrate a certain Bright project with your GitHub repository(ies), follow these steps.