Product Datasheet
Your repos, settings & workflows — backed up cold.
Enterprise-grade, automated backup & recovery for GitHub — full git history, repository settings, teams, webhooks, Actions workflows. Cross-owner restore for break-glass disaster recovery.
Code (git bundle)Issues & PRsSettings & WebhooksActions workflowsEU-hosted
Why CYBBACK
A force-push away from disaster
Full git history
Every branch, tag and ref captured as a portable .bundle file. Skipped automatically when the repo did not change since the previous run.
Drift & integrity checks
Automatic comparison between consecutive backups. Get alerted on suspicious permission changes, mass repo deletions or workflow tampering.
Cross-owner restore
Push the entire history to the original owner, an alternate user / org, with optional repo-name suffix. Async worker, dry-run available.
AES-256-GCM encryption
PAT and backup files encrypted at rest. Master key in Google Secret Manager (EU). Optional client-side encryption per file.
Bring Your Own Bucket
Store backups on your S3-compatible storage. Your data, your provider, your region. Per-backup snapshot of credentials.
Native ZIP exports
Download backups as ZIP — git bundles, JSON snapshots of issues, PRs, releases, settings, webhooks, Actions variables and secret names.
What gets backed up
Your GitHub presence in 10 layers
Source codeFull git mirror — branches, tags, refs (git bundle)
Repository settingsVisibility, default branch, protected branches, topics
IssuesState, labels, milestones, comments, reactions
Pull requestsState, base/head refs, reviews, comments
ReleasesTag name, body, asset URLs and metadata
WebhooksURL, events, secret hash, active state
Teams (org repos)Team name, slug, permission level
Actions workflowsYAML files (in code) + workflow definitions metadata
Actions variablesName + value (restorable via API)
Actions secret namesNames only — values never exposed by GitHub API
Technical specifications
Built on the GitHub REST API
| Authentication | Personal Access Token (classic repo scope, or fine-grained Contents/Metadata/Webhooks/Actions) — encrypted AES-256-GCM in CYBBACK vault |
|---|
| API endpoints | GitHub REST API v3 · Link-header pagination · rate-limit aware (5,000 req/h per token) |
|---|
| Code transport | git clone --mirror + git bundle create --all per repo. Bundle skipped if pushed_at unchanged since the last backup |
|---|
| Backup mode | Incremental forever. Issues/PRs/releases via since timestamps, settings/teams/webhooks via full snapshot |
|---|
| Repo selection | All accessible repos (own + collaborator + org member) or manual cherry-pick by owner / repo |
|---|
| Frequency | Manual, daily, weekly, or custom cron expression |
|---|
| Storage backend | Default: CYBBACK secure storage (EU). Optional: BYOB — any S3-compatible provider |
|---|
| Encryption at rest | AES-256-GCM, optional per-user toggle. Manifest excluded from encryption |
|---|
| Restore granularity | Per repo · per service (code, settings, webhooks, workflows, variables) — push to original owner OR alternate user/org with optional name suffix |
|---|
| Restore options | Dry-run · force-overwrite (push --mirror --force) · target owner override |
|---|
| Native exports | ZIP archive — git bundles, JSON of issues/PRs/releases/settings/webhooks/workflows |
|---|
| Drift detection | 3 severity levels (info / warning / critical). Custom thresholds for repo count, mass deletions, permission changes |
|---|
| Notifications | In-app · email · Slack · webhooks |
|---|
| Hosting region | Google Cloud — europe-west1 (Belgium) |
|---|
Trust & compliance
Security you can prove
GDPR-alignedEU residency, DPA on request
AES-256-GCMIndustry-standard encryption
Audit logsEvery action is traceable
EU hostingBelgium (europe-west1)
Start your free trial
Generate a Personal Access Token, paste it into CYBBACK, and snapshot every repo of your account in under 5 minutes.