GitHub application installed
Description
AlphaSOC detected the installation of a GitHub application within an organization. GitHub applications can access organizational data and resources based on the permissions granted during installation.
Impact
Unauthorized GitHub applications can access sensitive code repositories, secrets, and organizational data based on their granted permissions. Threat actors could potentially exploit these permissions to access intellectual property, credentials, or gain access to development resources.
Severity
| Severity | Condition |
|---|---|
Informational | GitHub application installed |
Investigation and Remediation
Review the permissions and access scope of the installed GitHub application. Verify the developer's legitimacy and examine the application's behavior through GitHub audit logs. If the application is unauthorized, uninstall it, rotate any potentially exposed credentials, and review access logs for signs of unauthorized activity.