Supported Image Visibility:
- ✅ Public images - Accessible to everyone
- ✅ Internal images - Accessible within your organization
- ❌ Private images - Not supported by CybeDefend
CybeDefend Configuration
| Field | Description | Example |
|---|---|---|
| GitHub Username | Your GitHub username or organization | myorg |
| Personal Access Token | GitHub PAT with read:packages scope (required for internal images) | ghp_xxxxxxxxxxxx |
| Description | Optional description for the registry | Production GitHub Registry |
How to Create a Personal Access Token (PAT) in GitHub
A Personal Access Token with the read:packages scope is required to scan internal container images. Public images can be accessed without authentication.
Access GitHub Settings
Go to GitHub → Settings → Developer settings → Personal access tokens → Tokens (classic)
Select Scopes
Select the required scopes for internal container images:
- ✅ read:packages (required for internal images)
- Optional: write:packages (if you need write access)
Security Best Practices
Use Fine-Grained Tokens
Prefer fine-grained PATs over classic tokens when possible for better security.
Minimal Scopes
Only grant read:packages scope for scanning operations.
Set Expiration
Always set an expiration date for your tokens to limit exposure.
Rotate Tokens Regularly
Change your access tokens periodically to minimize security risks.
Troubleshooting
Authentication Failed
- Verify the PAT has read:packages scope
- Check if the token has expired
- Ensure the username matches the token owner
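The scope and expiry checks above, together with the minimal-scope and expiration practices, can be run against the response headers of any authenticated GitHub REST API call made with a classic token. This is an added example, not CybeDefend's code; it assumes GitHub's X-OAuth-Scopes and GitHub-Authentication-Token-Expiration headers, and the function names, finding labels and 90-day threshold are hypothetical.

```python
from datetime import datetime, timezone

REQUIRED = "read:packages"
# Assumption: write:packages also grants read access, because GitHub's classic
# token form nests read:packages under it.
IMPLIES_READ = {"write:packages"}

def parse_expiry(value):
    """Parse the expiration header; None means no expiration header was sent."""
    if not value:
        return None
    value = value.strip()
    if value.endswith(" UTC"):  # e.g. "2025-03-01 00:00:00 UTC"
        stamp = datetime.strptime(value[:-4], "%Y-%m-%d %H:%M:%S")
        return stamp.replace(tzinfo=timezone.utc)
    return datetime.strptime(value, "%Y-%m-%d %H:%M:%S %z")  # numeric offset

def audit_token(headers, now, max_days=90):
    """Return findings for one token, given GitHub API response headers."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    raw = h.get("x-oauth-scopes")
    if raw is None:
        # Header absent: scopes cannot be confirmed from this response.
        findings.append("scopes-not-reported")
    else:
        scopes = {s.strip() for s in raw.split(",") if s.strip()}
        if REQUIRED not in scopes and not scopes & IMPLIES_READ:
            findings.append("missing-read-packages")
        extra = sorted(scopes - {REQUIRED})
        if extra:
            findings.append("excess-scopes:" + ",".join(extra))
    expiry = parse_expiry(h.get("github-authentication-token-expiration"))
    if expiry is None:
        findings.append("no-expiration")
    elif expiry <= now:
        findings.append("expired")
    elif (expiry - now).days > max_days:  # max_days is an assumed policy value
        findings.append("long-lived")
    return findings

if __name__ == "__main__":
    now = datetime(2025, 1, 15, tzinfo=timezone.utc)
    # Constructed sample headers, not captured from a real token.
    samples = [
        {"X-OAuth-Scopes": "read:packages",
         "GitHub-Authentication-Token-Expiration": "2025-03-01 00:00:00 UTC"},
        {"X-OAuth-Scopes": "repo, write:packages"},
    ]
    for sample in samples:
        print(audit_token(sample, now) or "ok")
```

An empty findings list means the token carries only read:packages and expires within the threshold.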
Permission Denied
- Verify you have access to the repository
- Check package visibility settings
- Ensure organization membership for internal packages
Private Images Not Accessible
- Private container images are not supported by CybeDefend
- Change image visibility to Internal or Public to enable scanning
- Contact your GitHub admin to modify package visibility settings