My DokuWiki

User Tools

Site Tools

Trace:
github_monitoring

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
github_monitoring [2023/01/27 16:58]
kaduuwikiadmin 		github_monitoring [2023/05/22 20:40] (current)
Line 3: Line 3:
 ===== Introduction ===== ===== Introduction =====
  
-IT staff or developers may be unintentionally leaking corporate secrets on personal GitHub repos without your knowledgeKaduu allows you to capture search terms and check their publication on publicly available Github repositories. If there is a matchwe publish the result with the corresponding linkKaduu connects to Github once per day for each keyword.+GitHub is a web-based platform that is primarily used for version control and collaboration in software development. It is built on top of the Git version control system and offers a wide range of features to support software development teams. 
 + 
 +Using GitHub for an organization can introduce a number of security risks, including: 
 + 
 +  * Data leakage: If an organization uses GitHub to store sensitive data, such as source code, login credentials, or customer data, there is a risk that this data may be accidentally leaked through a misconfigured repository or a compromised account. 
 +  * Insider threats: If an organization uses GitHub to collaborate on projects, there is a risk that an employee or contractor may intentionally or accidentally cause a data breach, for example by committing sensitive information to a public repository. 
 +  * Third-party risks: If an organization uses GitHub to collaborate with third-party vendors or open-source contributors, there is a risk that a malicious actor may use this access to gain unauthorized access to an organization's data or systems. 
 +  * Malicious code injection: If an organization uses GitHub to manage their software developmentthere is a risk that a malicious actor may inject malicious code into the repository, which can then be executed on the organizations systems. 
 +  * Phishing and Social engineering: GitHub is a platform that is widely used for software development and many developers are active on it. Hackers may use phishing and social engineering tactics to gain access to organization's sensitive information. 
 +  * Compromised dependencies: If an organization uses open-source libraries, they may be unknowingly importing a compromised dependency into their codebase.
  
 ===== How can you investigate the results? ===== ===== How can you investigate the results? =====
  
-After you entered the keyword, you should see some results under the "view" button. Please be patient, the search can take up to 2 hours. +Kaduu allows you to capture search terms and check their publication on publicly available Github repositories. If there is a match, we publish the result with the corresponding link. Kaduu connects to Github once per day for each keyword. After you entered the keyword, you should see some results under the "view" button. Please be patient, the search can take up to 2 hours. 
  
 {{::github1.png?800|}} {{::github1.png?800|}}
github_monitoring.1674835085.txt.gz · Last modified: 2023/05/22 20:40 (external edit)

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki