I am trying to create controls around unauthorized upload of PII data to personal Github accounts. I am looking at two different usecases, the first one deals with uploading the file/code via the Github website and the second one deals with committing it via the Windows commandline. I have figured out a way to deal with the first usecase but couldnt figure out a way to deal with the second.
In short, if any user uses these commands:
git add .
git remote add origin https://github.com/username/repository.git
git commit -m "commit message"
git push -u origin master
It should trigger a violation in the Endpoint section of DLP.