Skip to main content

GitHub application installed

ID:github_application_installed
Data type:GitHub
Severity:
Informational

Description

AlphaSOC detected the installation of a GitHub application within an organization. GitHub applications can access organizational data and resources based on the permissions granted during installation.

Impact

Unauthorized GitHub applications can access sensitive code repositories, secrets, and organizational data based on their granted permissions. Threat actors could potentially exploit these permissions to access intellectual property, credentials, or gain access to development resources.

Severity

SeverityCondition
Informational
GitHub application installed

Investigation and Remediation

Review the permissions and access scope of the installed GitHub application. Verify the developer's legitimacy and examine the application's behavior through GitHub audit logs. If the application is unauthorized, uninstall it, rotate any potentially exposed credentials, and review access logs for signs of unauthorized activity.