Getting Started
Manage Targets
Manage Scans
Manage Organizations
Organization Settings
Plans
On Prem
GitHub Issues (On-Prem)
Unlike the Cloud version, ZeroThreat On-Prem uses a Personal Access Token (PAT) for authentication, and all communication happens from within your local network environment.
ZeroThreat On-Prem requires outbound network access to the GitHub API for this integration to function properly. Ensure your firewall allows connectivity to GitHub endpoints.
Prerequisites
Before you begin, ensure:
- Your target is associated with an Enterprise plan that supports Issue Tracking.
- You have permission to create issues in the intended GitHub repository.
- Your On-Prem environment can reach GitHub over the internet.
Step 1: Generate a GitHub Personal Access Token
ZeroThreat On-Prem requires a GitHub Personal Access Token (Classic).
- Log in to your GitHub account.
- Go to Settings → Developer Settings → Personal Access Tokens.
- Click on Tokens (classic).
- Select Generate new token (classic).
.png)
- Provide a name for the token.
- Grant the following permissions:
repoprojectwrite:orgwrite:packages
- Generate the token.
- Copy and securely store the token (it will not be visible again).
.png)
Step 2: Configure GitHub in ZeroThreat On-Prem
- Navigate to the Targets (
.png)
) section. - Click on the target you want to configure. This will open the Target Configuration page.
- Go to the Issue Tracking (
.png)
) section. - Locate GitHub and click Configure.
- In the popup, paste your GitHub Personal Access Token.
.png)
- Click Save.
Your GitHub integration is now connected to the target.
Step 3: Create GitHub Issues from a Scan Report
Once GitHub is connected:
- Go to the Scans (
.png)
) section. - Open a completed scan report.
- Click the GitHub Issue button at the top of the report.
.png)
A GitHub configuration popup will appear.
Step 4: Configure Repository Settings
- In the GitHub Issue popup:
- Include Organization Resources (optional) — Enable this if you want access to org-wide repositories.
- Repository: Select the repository where issues for vulnerabilities should be created.
- Projects (optional): Choose a GitHub Project for tracking and planning (subject to your GitHub permissions).
.png)
- Click Submit to save your selection.
Step 5: Create Issues for Vulnerabilities
- In the scan report, select the vulnerability you want to track.
.png)
- Click Create Issue.
ZeroThreat will generate individual GitHub issues for each finding under that vulnerability.
All findings are immediately pushed to GitHub and can be managed directly from your repository.
You can only create issues for one vulnerability at a time. This helps avoid cluttering your repository. We recommend creating issues only for confirmed and verified vulnerabilities that have a high impact.
Viewing and Managing Issues
After creating issues:
- Go to Created Issues in the scan report to see all created GitHub issues.
.png)
- Click any issue to open it directly in GitHub.
Each GitHub issue includes:
- Detailed vulnerability description
- HTTP request and response evidence
- Proof-of-concept details
- Direct link back to the full ZeroThreat scan report
.png)
In ZeroThreat On-Prem, bi-directional comment synchronization and automatic issue status synchronization are not available. Changes made in GitHub, such as closing an issue or adding comments, will not automatically reflect back in ZeroThreat.
Best Practices
- Use dedicated GitHub tokens for ZeroThreat integration.
- Rotate Personal Access Tokens periodically as part of security hygiene.
- Align vulnerability issue creation with sprint cycles or remediation workflows.
- Ensure firewall rules consistently allow GitHub API communication.
You’re all set with GitHub Issues on ZeroThreat On-Prem.
Next, explore our other integrations — such as Jira, GitLab Issues, Azure Boards, or Trello — to further streamline your remediation workflows.