First Pull Request Scan

PR scans are your fastest “hello world” because they focus on the delta (what changed).

How It Runs

  • Create or open a PR in an onboarded GitHub repo.
  • DevSecOps Bot automatically scans the PR on events (open/synchronize/reopen), depending on configuration.
  • Results show up in the platform and can be reflected back into PR checks/comments.

What You’ll See

  • Findings grouped by security domain (example: Code/SAST, Dependency/SCA, Secrets, IaC, License).
  • Noise-reduced output (deduping + smart grouping).
  • AI AutoFix suggestions (where applicable) to help remediate during CI, not after merge.