Data Engineer at a tech services company with 201-500 employees
Real User
Top 20
Jul 8, 2025
I am an end user only here with GitHub Code Scanning. I currently might be using the latest version of GitHub Code Scanning, but I don't remember the specific version. I have not utilized the real-time feedback feature in GitHub Code Scanning. I assess the integration capability of GitHub Code Scanning with my existing tools and workflows as well integrated, and it gets easily customized to other tools. Whether your code is in Snowflake, or it's a UNIX script, or SQL script, it would easily get adjusted. Even for .NET scripts, we are using GitHub. With multiple languages, it is easily able to get integrated, and the code also gets integrated with the scripts on the server. An example of how this integration has helped my team collaborate on fixing detected vulnerabilities is that currently, we are working on a healthcare project wherein we create campaigns. If any additional email IDs come, or a practitioner is added, or details about where they're working, all those details come. We create new task flows, and we have a source query wherein the table or data is loaded into staging and then to Salesforce. In Salesforce, there are multiple mini-projects. This gets integrated very well at the place where we need to store it, in a branch, holding things as a branch in a proper structure. Regarding customizing queries in GitHub Code Scanning, we do it earlier only. We customize queries and check if they're running well, then only we do the final work. We don't customize queries in GitHub at the last minute because we are not sure when it is tested if it will work well or not. The automation capability of GitHub Code Scanning has impacted my team's productivity because everybody is able to utilize this facility of proactively recognizing errors. Additionally, anybody randomly making changes may affect the rest of the team. Since it is storing along with the timeline of who has made changes and at what time, the team can take steps accordingly based on that. If there is something not working fine, they can figure out what could have caused the error. I am not aware of the pricing of GitHub Code Scanning because my organization takes care of that; only very high-level management people are aware of that. This solution is deployed in my organization on the cloud. In my earlier organization, it was on-premises, but now they are doing it only in the cloud. This project is also cloud-based. I find GitHub Code Scanning quite stable. On a scale of 1-10, I rate GitHub Code Scanning an 8.
Senior Engineering Manager at a logistics company with 10,001+ employees
Real User
Top 10
Apr 24, 2025
I would rate GitHub Code Scanning as seven out of ten. It would be a powerful feature if GitHub Code Scanning allowed for highlighting vulnerabilities at a class or file level as soon as the developer checks in, rather than waiting for the entire repository scan to complete.
soln architect at a newspaper with 11-50 employees
Real User
Top 20
Mar 13, 2025
The support from community forums is excellent, featuring detailed, professional queries and responses. Experts, including those from the vendor side, contribute valuable insights. Overall, I rate GitHub Code Scanning as a nine. We are just customers of GitHub, not partners or resellers.
You can use the tool locally on your system or in the cloud. I rate it a nine out of ten. It's a very good tool for people who want to start using GitHubCode Scanning, especially for software development or team collaboration. GitHubCode Scanning allows teams to collaborate by uploading files to repositories. For example, if someone is developing an application, they can host the code on GitHub Code Scanning. Other developers can then download the code for testing purposes. If bugs are found, fixes can be applied using the GitHub Code Scanningrepository, and everyone on the team can see the changes. Software developers often use GitHub Code Scanning for version control, and it's essential for CI/CD pipelines to work.
I would recommend GitHub Code Scanning to other users. I encourage users to use the community version first rather than jumping into the enterprise version. They should start using different capabilities of GitHub Code Scanning, and then if they feel that this is the right solution for their company, they can use the enterprise version. Overall, I rate GitHub Code Scanning ten out of ten.
Code scanning is a feature that you use to analyze the code in a GitHub repository to find security vulnerabilities and coding errors. Any problems identified by the analysis are shown in GitHub.
I am an end user only here with GitHub Code Scanning. I currently might be using the latest version of GitHub Code Scanning, but I don't remember the specific version. I have not utilized the real-time feedback feature in GitHub Code Scanning. I assess the integration capability of GitHub Code Scanning with my existing tools and workflows as well integrated, and it gets easily customized to other tools. Whether your code is in Snowflake, or it's a UNIX script, or SQL script, it would easily get adjusted. Even for .NET scripts, we are using GitHub. With multiple languages, it is easily able to get integrated, and the code also gets integrated with the scripts on the server. An example of how this integration has helped my team collaborate on fixing detected vulnerabilities is that currently, we are working on a healthcare project wherein we create campaigns. If any additional email IDs come, or a practitioner is added, or details about where they're working, all those details come. We create new task flows, and we have a source query wherein the table or data is loaded into staging and then to Salesforce. In Salesforce, there are multiple mini-projects. This gets integrated very well at the place where we need to store it, in a branch, holding things as a branch in a proper structure. Regarding customizing queries in GitHub Code Scanning, we do it earlier only. We customize queries and check if they're running well, then only we do the final work. We don't customize queries in GitHub at the last minute because we are not sure when it is tested if it will work well or not. The automation capability of GitHub Code Scanning has impacted my team's productivity because everybody is able to utilize this facility of proactively recognizing errors. Additionally, anybody randomly making changes may affect the rest of the team. Since it is storing along with the timeline of who has made changes and at what time, the team can take steps accordingly based on that. If there is something not working fine, they can figure out what could have caused the error. I am not aware of the pricing of GitHub Code Scanning because my organization takes care of that; only very high-level management people are aware of that. This solution is deployed in my organization on the cloud. In my earlier organization, it was on-premises, but now they are doing it only in the cloud. This project is also cloud-based. I find GitHub Code Scanning quite stable. On a scale of 1-10, I rate GitHub Code Scanning an 8.
I would rate GitHub Code Scanning as seven out of ten. It would be a powerful feature if GitHub Code Scanning allowed for highlighting vulnerabilities at a class or file level as soon as the developer checks in, rather than waiting for the entire repository scan to complete.
The support from community forums is excellent, featuring detailed, professional queries and responses. Experts, including those from the vendor side, contribute valuable insights. Overall, I rate GitHub Code Scanning as a nine. We are just customers of GitHub, not partners or resellers.
You can use the tool locally on your system or in the cloud. I rate it a nine out of ten. It's a very good tool for people who want to start using GitHubCode Scanning, especially for software development or team collaboration. GitHubCode Scanning allows teams to collaborate by uploading files to repositories. For example, if someone is developing an application, they can host the code on GitHub Code Scanning. Other developers can then download the code for testing purposes. If bugs are found, fixes can be applied using the GitHub Code Scanningrepository, and everyone on the team can see the changes. Software developers often use GitHub Code Scanning for version control, and it's essential for CI/CD pipelines to work.
I would recommend GitHub Code Scanning to other users. I encourage users to use the community version first rather than jumping into the enterprise version. They should start using different capabilities of GitHub Code Scanning, and then if they feel that this is the right solution for their company, they can use the enterprise version. Overall, I rate GitHub Code Scanning ten out of ten.