Creating audit log events for code searches targeting Enterprise's private assets [Beta] #922

Open
github-product-roadmap opened this issue Jan 31, 2024 · 0 comments
Labels
audit logs Feature: Github audit logs beta Feature phase: Beta cloud Available on Cloud enterprise administration Feature: Enterprise server administration github enterprise Product SKU: GitHub Enterprise

Summary

Code search can be a powerful feature for navigating and finding content on GitHub. However, code search can also be used by malicious actors to perform searches aimed at discovering potentially exploitable vulnerabilities within a code base. By crafting targeted search terms, a malicious actor can discover secrets and other sensitive data that may have inadvertently been pushed to the code base or accidentally shared in other elements of the GitHub development ecosystem.

To combat abuse of the code search tool, we aim to make code searches targeting Enterprise's private assets auditable by exposing the target asset (ex. repo, org, etc) and the search parameters in Enterprise's audit logs. This will provide Enterprise owners with the ability to audit code search use and design specific detections to alert on potential malicious code search activity.

To protect our customers' privacy, code search audit log events will only cover code searches targeting private Enterprise assets. As such, the audit log entries will not cover global code searches or searches targeting public assets (ex. public repos).

@github github locked and limited conversation to collaborators Jan 31, 2024
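
A sketch of the kind of detection the issue describes, as an added example that is not part of the original issue or GitHub's own code. The issue does not give an event schema, so the field names (`ts`, `actor`, `target`, `query`), the pattern list, and the thresholds are all assumptions, and the events are constructed sample data.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events. Field names are hypothetical: the issue only says
# the log will expose the target asset and the search parameters.
SAMPLE_EVENTS = [
    {"ts": "2024-05-01T10:00:00", "actor": "alice", "target": "acme/payments", "query": "def charge_card"},
    {"ts": "2024-05-01T10:01:00", "actor": "alice", "target": "acme/payments", "query": "password_reset_form"},
    {"ts": "2024-05-01T10:02:00", "actor": "mallory", "target": "acme/payments", "query": "path:.env password"},
    {"ts": "2024-05-01T10:03:00", "actor": "mallory", "target": "acme/infra", "query": "api_key"},
    {"ts": "2024-05-01T10:05:00", "actor": "mallory", "target": "acme/infra", "query": "BEGIN RSA PRIVATE KEY"},
    {"ts": "2024-05-01T09:00:00", "actor": "bob", "target": "acme/web", "query": "secret"},
    {"ts": "2024-05-01T11:00:00", "actor": "bob", "target": "acme/api", "query": "token"},
    {"ts": "2024-05-01T13:00:00", "actor": "bob", "target": "acme/web", "query": "passwd"},
]

# Assumed list of secret-hunting terms; tune it to your own environment.
SENSITIVE = re.compile(
    r"password|passwd|secret|api[_-]?key|token|BEGIN [A-Z ]*PRIVATE KEY", re.I
)

def suspicious_actors(events, window=timedelta(minutes=10), min_hits=3, min_targets=2):
    """Flag actors with >= min_hits sensitive searches spread over
    >= min_targets assets inside one sliding time window."""
    hits = defaultdict(list)
    for e in events:
        # Per the issue, every logged event already targets a private asset,
        # so no visibility filter is applied here.
        if SENSITIVE.search(e["query"]):
            hits[e["actor"]].append((datetime.fromisoformat(e["ts"]), e["target"]))
    alerts = {}
    for actor, rows in hits.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Shrink the window from the left until it spans <= `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            targets = sorted({t for _, t in span})
            if len(span) >= min_hits and len(targets) >= min_targets:
                alerts[actor] = {"hits": len(span), "targets": targets}
                break
    return alerts

if __name__ == "__main__":
    print(suspicious_actors(SAMPLE_EVENTS))
```

A single matching query (alice) and matches spread over hours (bob) stay below the thresholds; only the burst across two assets is flagged.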
Projects
Status: Q2 2024 – Apr-Jun