Code scanning is a feature that you use to analyze the code in a GitHub repository to find security vulnerabilities and coding errors. Any problems identified by the analysis are shown in GitHub.
GitHub Code Scanning is the #22 ranked solution in AST tools. PeerSpot users give GitHub Code Scanning an average rating of 9.6 out of 10. GitHub Code Scanning is most commonly compared to SonarQube Server (formerly SonarQube). GitHub Code Scanning is popular among the large enterprise segment, accounting for 69% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, accounting for 14% of all views.
As of November 2024, the mindshare of GitHub Code Scanning in the Static Application Security Testing (SAST) category stands at 0.6%, up from 0.1% the previous year, according to calculations based on PeerSpot user engagement data.
Key learnings from peers
Valuable Features
"The solution helps identify vulnerabilities by understanding how ports communicate with applications running on a system. Ports are like house numbers; to visit someone's house, you must know their number. Similarly, ports are used to communicate with applications. For example, if you want to use an HTTP web server, you must use port 80. It is the port on which the web application or your server listens for incoming requests."
"We use GitHub Code Scanning mostly for source code management."
Room for Improvement
"GitHub Code Scanning should add more templates."
Pricing
"The minimum pricing for the tool is five dollars a month."
"GitHub Code Scanning is a moderately priced solution."
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.