Lightspin Secures Infrastructure as Code Files with New GitHub Integration

Users can scan GitHub repositories and detect misconfigurations, exposed secrets and other security issues.

April 20, 2022

2 Min Read


TEL AVIV, Israel , April 20, 2022 /PRNewswire/ -- Lightspin, the next-generation cloud security platform, today announced an integration with GitHub that will allow organizations to scan their Infrastructure as Code (IaC) files to proactively prevent code with misconfigurations from being deployed. By detecting and fixing security issues before they are deployed to the cloud, Lightspin helps organizations embrace a "shift left" approach to security.

Shifting security left is a growing trend that requires organizations to detect security issues earlier in the software development life cycle. Yet 77% security professionals think developers find too few vulnerabilities too late in the process, according to a 2021 study. Lightspin helps security and DevOps teams to better understand the security posture of their repositories while saving time and more efficiently using technical resources.

"As IaC adoption soars, it's increasingly important for organizations to understand the security risks and complexities that go along with it," said Or Azarzar, chief technology officer and co-founder of Lightspin. "Misconfigured code and over permissive identities introduced into production can prove to be costly for security teams. Scanning IaC files proactively to prevent these issues from ever being deployed gives organizations peace of mind that they have protected their cloud environment."

Lightspin integrates via a GitHub application to scan repositories for security issues, then prioritizes an organization's repositories based on detected security findings. Once complete, a security or DevOps team can easily view the findings of each file, folder, or repository. Additionally, Lightspin provides an impact log to help teams track changes to their repositories, scanning all pull requests and highlighting the changes that had the biggest impact on their security posture. Security teams can review the details of the pull request to better understand the context.

The GitHub integration is available globally to Lightspin customers at no additional cost. To scan IaC files, users simply install the GitHub app on their repositories.

Follow Lightspin
Twitter: @lightspintech

About Lightspin
Lightspin's next-generation cloud security posture management (CSPM) solution secures cloud and Kubernetes environments from build to runtime and simplifies cloud security for Security and DevOps teams. Using advanced graph-based technology, Lightspin empowers cloud and security teams to eliminate risks and reduce effort by proactively and automatically detecting all vulnerabilities, smartly prioritizing the most critical issues, and easily remediating them. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights