VCS Github Audit

This alerts are designed to enhance the security monitoring of Github Audit events. By leveraging Github Audit logs, these detections aim to identify and mitigate common threats and unusual activities related to user activity.

Permissions within the GitHub organization have been altered.

Source table → vcs.github.organization.audit

A new secret (like an API key or token) has been added to a repository.

Source table → vcs.github.organization.audit

A high-security risk configuration setting has been disabled.

Source table → vcs.github.organization.audit

An alert for potential secrets detected in the repository.

Source table → vcs.github.organization.audit

A pre-receive hook for security policy enforcement has been disabled.

Source table → vcs.github.organization.audit