Detect GitHub Misconfigurations
Description
GitHub misconfigurations can pose significant risks to organizations and individuals who use the platform. A misconfiguration in GitHub can result in sensitive data exposure, intellectual property theft, and compromise of systems. It's crucial to regularly review and monitor GitHub configurations to prevent misconfigurations and ensure the security of sensitive information.
Jit will run the GitHub misconfiguration scanner on schedule and communicate the findings on the Backlog page.
| Stack layer | Security domain | Security tool initiated by this item |
|---|---|---|
| CI/CD Security | GitHub Misconfiguration Detection | Legitify, chain-bench, Jit's MFA & Branch Protection Checkers. |
Checks and Permissions
Legitify and Chain Bench will execute the same checks that they are using in the GitHub Security Plan. The permissions required to run the checks are also identical.
Read more about the checks and permissions in the GitHub Security Plan Documentation.
Updated 5 months ago