# GitHub App OX Security supports pipeline scanning using the GitHub App, which uses GitHub webhooks to trigger scans. This approach does not require modifying CI/CD configurations or adding the OX CLI to pipeline jobs. Instead, OX listens for GitHub events and initiates scans automatically. OX detects pull requests and push events directly from GitHub. Based on the event, OX identifies the modified files and performs a scan. The scan runs outside your pipeline and reports results in the OX UI. No CLI or container is needed inside your GitHub workflow. ## Prerequisites * The GitHub App must be installed in your GitHub organization. * [You must grant the app access to the repositories you want to scan.](/get-started/onboarding-to-ox/source-control/github.md) ## Required Configuration OX initiates scans using webhook data from GitHub. You do not need to add variables or modify settings. You just need to [make sure that webhooks are enabled.](/scan-and-analyze-with-ox/scanning/scanning-ci-cd-pipelines/integrating-source-control-platforms/webhooks-pipeline-integration.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.ox.security/scan-and-analyze-with-ox/scanning/scanning-ci-cd-pipelines/integrating-source-control-platforms/app-pipeline-integration/github-app.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.