Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for GitHub Free

GitHub Free
GitHub Free icon

Coralogix Extension For GitHub Free Includes:

Dashboards - 5

Gain instantaneous visualization of all your GitHub Free data.

Github Free - Overview
Github Free - Overview
Github Free - Branch Overview
Github Free - Branch Overview
Github Free - Issue Overview
Github Free - Issue Overview
Github Free - Pull Request Overview
Github Free - Pull Request Overview
Github Free - Security Overview
Github Free - Security Overview

Alerts - 11

Stay on top of GitHub Free key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Github Free - A pull request has been closed

A pull request has been closed indicates possible changes to the master branch as the code in the request was merged to the master. Pull requests are part of the normal operations of Github, but the users performing it should be reviewed and verified as it can also consist of malicious actions. Impact If a pull request was made by an attacker, it can contain malicious or defective code intended to harm the organization. Mitigation Verify that the users making the pull requests were legitimate and revert changes if not. MITRE Tactic: TA0008 MITRE Technique: T1080

Github Free - A repository is publicly available

A repository was created or modified be publicly available. Public repositories expose all there content freely on Github. Impact If the code wasn't meant to be public, it's is considered a data leak and can greatly harm the organization. Mitigation Verify that the repository was meant to be public, if not, configure it to be private. MITRE Tactic: TA0009 MITRE Technique: T1213 MITRE Sub-technique: 003

An admin was removed

A removed admin should be inspected and verified as legitimate. Impact An adversary will want to remove an organization admin to revoke access and disrupt normal operations. Mitigation Verify that the remove operation and the admin performing it were legitimate. MITRE Tactic: TA0040 MITRE Technique: T1531

A member was removed

A removed member should be inspected and verified as legitimate. Impact An adversary will want to remove an organization member to revoke access from a user and disrupt normal operations. Mitigation Verify that the remove operation and the user performing it were legitimate. MITRE Tactic: TA0040 MITRE Technique: T1531

A new billing manager or hiring manager has been invited

A new Billing Manager or Hiring Manager that were invited should be inspected and verified as legitimate. The alert will work only with the Webhook integration. Impact An adversary will want to add himself as an organizational manager to get access to the repositories and code base. Mitigation Verify with the owner that the the invited manager is legitimate and cancel the invitation if not. MITRE Tactic: TA0003 MITRE Technique: T1078

A new billing manager or hiring manager has been added

A new Billing Manager or Hiring Manager that were added should be inspected and verified as legitimate. Impact An adversary will want to add himself as an organizational manager to get access to the repositories and code base. Mitigation Verify with the owner that the the added manager is legitimate and remove him if not. MITRE Tactic: TA0003 MITRE Technique: T1078

A new admin was invited

A new admin that was invited should be inspected and verified as legitimate. The alert will work only with the Webhook integration. Impact An adversary will want to add himself as an organizational admin to get access to the repositories and code base. Mitigation Verify with the owner that the the invited admin is legitimate and cancel the invitation if not. MITRE Tactic: TA0003 MITRE Technique: T1078

A new admin was added

A new admin that was added should be inspected and verified as legitimate. The alert will work only with the Webhook integration. Impact An adversary will want to add himself as an organizational admin to get full access to the repositories and code base. Mitigation Verify with the owner that the the added admin is legitimate and remove him if not. MITRE Tactic: TA0003 MITRE Technique: T1078

A new member was invited

A new member that was invited should be inspected and verified as legitimate. Impact An adversary will want to add himself as an organization member to get access to their repositories and code base. Mitigation Verify with the owner that the the invited user is legitimate and cancel the invitation if not. MITRE Tactic: TA0003 MITRE Technique: T1078

A new member was added

A new member that was added should be inspected and verified as legitimate. Impact An adversary will want to add himself as an organization member to get access to their repositories and code base. Mitigation Verify with the owner that the the added user is legitimate and remove him if not. MITRE Tactic: TA0003 MITRE Technique: T1078

Github Free - No logs from Github Free

This rule detects if there are no logs in the last 24 hours for Github Free in the customer account. Note- This alert should configured with relevant app & subsystem. Impact Disabling logging is a tactic that adversaries might employ as part of various MITRE ATT&CK techniques to avoid detection, cover their tracks, or impede incident response investigations. Mitigation Address logging concerns to ensure comprehensive monitoring within the Coralogix SIEM system. MITRE Tactic: TA0005 MITRE Technique:T1562

Integration

Learn more about Coralogix's out-of-the-box integration with GitHub Free in our documentation.

Read More
Schedule Demo