Charlton's Blog

Securing GitHub With GitHub: Adding SARIF Support to Legitify

My pull request puts reporting right in the Security Center

Published: Apr 27, 2023
Category: Programming, Projects, Security

I work with plenty of clients who want their GitHub environments tested for security. And with the OpenSSF’s new Source Code Management Platform Configuration Best Practices guide, tools like Legitify are more important pieces of this strategy than ever. But wouldn’t it be great to automate these security audit checks and show feedback from them right in GitHub?

I’m pleased to announce that day has come. My pull request, which adds SARIF output support to Legitify, has been merged!

Now it’s even easier to run automatic security audits on your GitHub enterprises, organizations, repositories, runners, and more. Just set up the Legitify action, and find your results reported right in the Security Center.