Product

GitHub Enterprise

4 briefs RSS

GitHub Enterprise Audit Log Streaming Paused

Detection of a user pausing audit log event streaming in GitHub Enterprise, potentially indicating an attempt to evade detection by disabling the audit trail.

GitHub Enterprise +3 github audit-log defense-evasion

2r 2t Jan 4, 2024

medium advisory

GitHub Enterprise IP Allow List Disabled

2 rules 1 TTP

An IP allow list was disabled in GitHub Enterprise, potentially allowing unauthorized access from untrusted networks and exposing sensitive code repositories.

GitHub Enterprise +3 github cloud ip-allow-list bypass security-control anomaly

2r 1t Jan 3, 2024

high advisory

GitHub Enterprise 2FA Requirement Disabled

2 rules 1 TTP

The disabling of two-factor authentication (2FA) in GitHub Enterprise, detected via audit logs, weakens account security and increases the risk of account takeover and supply chain compromise.

GitHub Enterprise +3 github 2fa defense-evasion

2r 1t Jan 3, 2024

medium advisory

GitHub Enterprise Classic Branch Protection Rule Disabled

3 rules 2 TTPs

Detection of disabled classic branch protection rules in GitHub Enterprise, indicating potential bypass of code review and security controls, leading to unauthorized code changes and supply chain compromise.

GitHub Enterprise +4 github branch_protection supply_chain

3r 2t Jan 2, 2024