Code Security

Introduction

The Code module provides visibility into your software supply chain. Scan repositories for security issues, manage dependencies, and monitor for vulnerabilities across your codebase.

B

My Workspace

Search

⌘K

Home

Integrations

Compliance

Frameworks

Audits

Policies

Vendors

Risk

Access Reviews

Customer Trust

Trust Center

Security Assistant

Status

Employees

People

Training

Phishing Campaigns

Data Leak

Devices

Device List

Security Checks

Web Browsing

Infrastructure

Attack Surface

Penetration Testing

Typosquatting

Code

Code Security

Dependencies

Code Security

12

Repositories

2

Secrets found

8

Vulnerabilities

RepositorySecretsVulnsDeps

bastion/webapp

03245

bastion/api

12128

bastion/infra

0034

bastion/docs

0167

bastion/mobile

12189

Key Features

Code Security

Scan repositories for secrets and security issues

Dependencies

SBOM management and dependency vulnerability scanning

Why Code Security?

Supply Chain Risks

• Hardcoded Secrets — API keys, tokens, and credentials in source code
• Dependency Vulnerabilities — Known CVEs in libraries
• Malicious Packages — Compromised dependencies
• License Issues — Compliance with open-source licenses
• Outdated Libraries — Missing security patches

Benefits

• Visibility into all repositories and dependencies
• Early vulnerability detection
• License compliance
• Audit readiness

Getting Started

1. Connect Version Control

   Link your GitHub or GitLab organization via the Integrations page.

2. Scan Repositories

   Bastion scans repositories for secrets and security issues.

3. Review Dependencies

   View your full software bill of materials and identify vulnerable packages.

4. Remediate

   Address findings and track remediation progress.

Next Steps

Code Security

Scan repositories for security issues

Dependencies

Manage your software bill of materials