Data Loss Prevention

 View Only
  • 1.  Command line uploads to Github

    Posted Jun 05, 2018 01:48 PM

    I am trying to create controls around unauthorized upload of PII data to personal Github accounts. I am looking at two different usecases, the first one deals with uploading the file/code via the Github website and the second one deals with committing it via the Windows commandline. I have figured out a way to deal with the first usecase but couldnt figure out a way to deal with the second.

    In short, if any user uses these commands:

    git add .

    git remote add origin https://github.com/username/repository.git

    git commit -m "commit message"

    git push -u origin master

    It should trigger a violation in the Endpoint section of DLP.

     

     



  • 2.  RE: Command line uploads to Github

    Posted Aug 12, 2022 05:11 PM
    Hi Aakash,

    Did you found how to resolve the usecases? 
    Could you share it?

    Thanks!
    Alex


  • 3.  RE: Command line uploads to Github

    Trusted Advisor
    Posted Aug 15, 2022 08:55 AM
    Aakash..

    Did you add the git.exe command to the Agent > Global Application monitoring section?

    Try to add "git.exe" that and make sure to check the right boxes.

    Make sure you register the Binary Name and Original Filename as "git\.exe".

    You may want to create 2 different ones.
    • Generic
    • Cloud Storage
    Then play with the check boxes, make sure to use FTP, HTTP, Copy to Network Share and Application File Access (read or open).

    ------------------------------
    Good Luck. - RP
    PLEASE MARKED SOLVED WHEN POSSIBLE
    ------------------------------