GitHub Code Scanning Reviews

Name: GitHub Code Scanning
Brand: GitHub
Rating: 4.7 (3 reviews)

4.7 out of 5

3 reviews
100% willing to recommend

What is GitHub Code Scanning?

Code scanning is a feature that you use to analyze the code in a GitHub repository to find security vulnerabilities and coding errors. Any problems identified by the analysis are shown in GitHub.

Get the Static Application Security Testing (SAST) Buyer's Guide and find out what your peers are saying about GitHub Code Scanning, SonarQube Server (formerly SonarQube), Veracode and more!

GitHub Code Scanning is the #19 ranked solution in AST tools. PeerSpot users give GitHub Code Scanning an average rating of 9.4 out of 10. GitHub Code Scanning is most commonly compared to SonarQube Server (formerly SonarQube): GitHub Code Scanning vs SonarQube Server (formerly SonarQube). GitHub Code Scanning is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 15% of all views.

Buyer's Guide

Static Application Security Testing (SAST)

March 2025

Get the category report

Helped 842,194 peers since 2012

Featured GitHub Code Scanning reviews

VishalSingh

Consulting & Solutions, BA/BD in Enterprise IT on Open Source, Red Hat & EDB at KEEN AND ABLE COMPUTERS PVT LTD

You can use the tool locally on your system or in the cloud. I rate it a nine out of ten. It's a very good tool for people who want to start using GitHubCode Scanning, especially for software development or team collaboration. GitHubCode Scanning allows teams to collaborate by uploading files to repositories. For example, if someone is developing an application, they can host the code on GitHub Code Scanning. Other developers can then download the code for testing purposes. If bugs are found, fixes can be applied using the GitHub Code Scanningrepository, and everyone on the team can see the changes. Software developers often use GitHub Code Scanning for version control, and it's essential for CI/CD pipelines to work.

Read full review

reviewer2674647

soln architect at a newspaper with 11-50 employees

GitHub ( /products/github-reviews ) Code Spaces brings significant value with its simplicity and ease of use. It eliminates a lot of manual work that typically accompanies custom solutions, making management and maintenance more straightforward. This is crucial, as maintaining custom environments is usually more challenging. Using GitHub ( /products/github-reviews ) Code Spaces offers advantages in setting up the development environment due to its integrated features. The code review automation feature has accelerated our processes around code quality. It helps developers write better code faster and allows for quicker transitions between development stages. All actions, such as scanning, linting, and moving code between stages, have become more agile and efficient.

Read full review

AnmolGupta

Senior developer at FIL

I would recommend GitHub Code Scanning to other users. I encourage users to use the community version first rather than jumping into the enterprise version. They should start using different capabilities of GitHub Code Scanning, and then if they feel that this is the right solution for their company, they can use the enterprise version. Overall, I rate GitHub Code Scanning ten out of ten.

Read full review

GitHub Code Scanning mindshare

As of March 2025, the mindshare of GitHub Code Scanning in the Static Application Security Testing (SAST) category stands at 0.9%, up from 0.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Static Application Security Testing (SAST)

Key learnings from peers

Last updated Mar 13, 2025

Valuable Features

"GitHub Code Spaces brings significant value with its simplicity and ease of use."
"The solution helps identify vulnerabilities by understanding how ports communicate with applications running on a system. Ports are like house numbers; to visit someone's house, you must know their number. Similarly, ports are used to communicate with applications. For example, if you want to use an HTTP web server, you must use port 80. It is the port on which the web application or your server listens for incoming requests."
"We use GitHub Code Scanning mostly for source code management."

Room for Improvement

"One area for improvement could be the ability to have an AI system digest the reports generated from code scanning and provide a summary. Currently, the reports can be extensive, and users may overlook details, such as outdated libraries, which could be highlighted for attention."
"GitHub Code Scanning should add more templates."