Code Exfiltration By Guest Account

Detects external accounts that have recently been created and have successfully downloaded a repository. Such activity could potentially indicate an attempt to exfiltrate data. If an external user's account was created within the past 7 days and they download a repository, they will fail this check.

Recommended Actions

Please contact the user that invited the external account, or their manager, to verify the origin of the actions.

Default Check Settings

Number Of Days Between Invite Sent And Download: 7

Compatibility

GitHub