

GitHub integration
DevOps & CI/CD
GitHub is where your code, infrastructure-as-code, and deployment pipelines live — which means it's also where exposures often originate and where they're fastest to fix. Connecting FortWatch to GitHub turns external attack-surface findings into actionable items inside the same workflow your engineers already use, so a public S3 bucket or an exposed .env doesn't sit in a separate dashboard waiting to be noticed. This integration is currently in active development and not yet live.


Exposed Redis on 203.0.113.10:6379
Unauthenticated database reachable from the internet.
View finding & step-by-step fix →
GitHub + FortWatch
When it launches, FortWatch will connect to GitHub through a native GitHub App you install on your organization or selected repositories, authorized via OAuth so you grant only the scopes you need (Issues read/write, optional Checks, and webhook delivery). FortWatch runs its 11 external scanners against your public assets on a continuous schedule; when a new finding is triaged and assigned a severity, FortWatch uses the GitHub REST API to open an Issue in the repository you map to that asset, complete with the affected host/port, evidence, severity label, and remediation steps. The GitHub App keeps state in sync both ways: FortWatch listens for issue webhooks, so closing or resolving the GitHub Issue marks the finding resolved in FortWatch, and a finding that auto-resolves on the next scan closes its Issue with a confirmation comment. Severity maps to GitHub labels (e.g. fortwatch:critical, fortwatch:high) and findings can be routed to repos by asset, so the right team gets the right exposure. Nothing is pushed to your code or branches — FortWatch only reads/writes Issues and, optionally, posts Checks; it never requires write access to repository contents.
FortWatch scans
Eleven scanners watch your external attack surface around the clock — ports, certs, DNS, cloud buckets, exposed files and more.
AI triages the finding
Each issue is scored by real-world impact and packaged with the affected asset and a one-line explanation of the risk.
Delivered to GitHub
The finding lands in GitHub, routed by severity — so the right people see the right alert, fast.
What you'll be able to do
Everything the GitHub integration will bring to your security workflow.
- Auto-open a GitHub Issue the moment a new critical exposure is detected (exposed Redis, public cloud bucket, leaked .env) and assign it to the team that owns the affected service.
- Map each monitored asset to its source repository so findings land in the codebase that actually deploys the vulnerable host, not a generic security backlog.
- Mirror resolution state bidirectionally — close the GitHub Issue and FortWatch marks the finding resolved; a finding that disappears on the next scan auto-closes its Issue.
- Use FortWatch severity labels (critical/high/medium/low) to feed existing GitHub triage, project boards, and SLA automations without manual tagging.
- Surface DNS and SSL/TLS hygiene gaps (expiring certs, missing SPF/DMARC) as Issues so infra changes get reviewed and tracked like any other engineering work.
- Catch regressions after a deploy — when a scan finds a newly exposed port or sensitive file following a release, the Issue lands in the same repo for fast root-cause.
What an alert looks like
Every finding arrives formatted for GitHub — severity up front, the affected asset, and a one-line explanation of why it matters, with a link straight to the step-by-step fix.
- Severity-tagged and color-coded
- The exact asset and port affected
- One click to the full finding & remediation
GitHub
[FortWatch] CRITICAL: Exposed Redis on api-cache.example.com:6379

A scan detected an unauthenticated Redis instance reachable from the public internet.

Asset: api-cache.example.com (203.0.113.42)
Port: 6379 / tcp — Redis, no AUTH required
Severity: Critical
Detected: 2026-06-07 14:22 UTC

Why it matters: Anyone can read, modify, or wipe cached data and, on many builds, achieve remote code execution. Exposed Redis is a documented mass-ransom target.

Remediation:
- Bind Redis to 127.0.0.1 or a private interface
- Require AUTH and enable protected-mode
- Restrict port 6379 to internal networks via firewall/security group

Labels: fortwatch:critical, fortwatch:open
Close this Issue once remediated, or FortWatch will auto-close it when the next scan confirms the port is no longer exposed.
Set it up in minutes, once it lands
No agents, no infrastructure changes — just connect GitHub and choose where alerts go.
- When it launches, install the FortWatch GitHub App on your organization and pick the repositories it can access.
- Authorize the OAuth scopes FortWatch requests (Issues read/write and webhook delivery; Checks is optional).
- Map your FortWatch assets to their target repositories so each finding opens an Issue in the right place.
- Choose which severities create Issues and confirm the label scheme (fortwatch:critical, fortwatch:high, and so on).
- Run a scan or trigger a test event to verify Issues open, labels apply, and closing an Issue resolves the finding in FortWatch.

Why route FortWatch into GitHub?
Security findings that live in a separate tool get ignored; findings that show up as GitHub Issues get triaged, assigned, and fixed alongside everyday engineering work. By delivering triaged exposures with severity and remediation directly into the repo that owns the affected asset, FortWatch shortens the time from detection to fix and keeps your external attack surface visible to the people who can actually close it — without bolting on yet another dashboard.
Frequently asked questions
Is the GitHub integration available now?
Not yet — it's in active development. You can ask to be notified when it launches, and in the meantime FortWatch findings are fully available in the dashboard with email alerts.
Does FortWatch need access to my source code?
No. The integration only reads and writes Issues (and optionally posts Checks). It never requires write access to repository contents and does not push to your branches or modify code.
What happens in GitHub when a finding is resolved?
Resolution stays in sync both ways. Closing the GitHub Issue marks the finding resolved in FortWatch, and when a scan confirms an exposure is gone, FortWatch auto-closes the corresponding Issue with a confirmation comment.





