Microsoft Cloud App Security: Protecting GitHub
Summary
TLDRThis video tutorial explores enhancing GitHub security with Microsoft Cloud App Security (MCAS). It starts by highlighting built-in policies like impossible travel and unusual countries, which apply to GitHub as they do to any app. The script then guides viewers on utilizing GitHub-specific policy templates available in MCAS for simplified security management. Viewers learn to create and customize policies to monitor repository access levels, private repository forking, and OAuth app creation. The tutorial also demonstrates how to set up a custom policy for admin actions, such as enabling repository deletion, and how to investigate triggered alerts within MCAS, encouraging users to share their creative policies and suggestions for product improvement.
Takeaways
- π Protect your GitHub environment with Microsoft Cloud App Security (MCAS).
- π Built-in policies like impossible travel and unusual country access apply to GitHub just like any other app.
- π Customize your security with GitHub-specific policy templates available in MCAS.
- π Use the 'repository access level becomes public' template to detect potential data leaks from public repositories.
- π‘οΈ Enable the 'private repository forking' policy to detect changes in security settings that could lead to data exfiltration.
- π The 'oauth app creation' template helps in identifying when OAuth tokens are created, potentially increasing security risks.
- π©βπ» Create custom policies for specific needs not covered by the existing templates.
- π When creating a policy, specify the app, activity type, and configure alert settings as needed.
- π¨ Receive alerts when certain activities, like enabling repository deletion, are triggered within your GitHub tenant.
- π΅οΈββοΈ Investigate alerts in MCAS to see the exact activity and the user responsible for triggering the alert.
- π‘ Encourage feedback for creative policies and suggestions to improve MCAS.
Q & A
What is the main topic of the video?
-The main topic of the video is discussing how to protect a GitHub environment using Microsoft Cloud App Security (MCAS).
What benefits can users get from connecting GitHub to Microsoft Cloud App Security?
-Users can benefit from built-in policies that apply to any generic app, as well as the ability to create custom policies tailored specifically for GitHub, which can help in detecting security issues and managing security posture.
What are the built-in policies that apply to GitHub like they do for any other app?
-Built-in policies include those for detecting impossible travel and unusual countries, which are applied to GitHub just as they would be for any other app.
How can users find the GitHub-specific policy templates in Microsoft Cloud App Security?
-Users can find the GitHub-specific policy templates by going to the 'Templates' page under 'Control', typing 'GitHub' in the name field, and clicking the plus button on the right of the screen.
What is the purpose of the 'Repository Access Level Becomes Public' policy template?
-The 'Repository Access Level Becomes Public' policy template is designed to help users detect when a GitHub repository is made public, which could potentially lead to the leakage of private data.
What does the 'Enablement of Private Repository Forking' policy template aim to achieve?
-The 'Enablement of Private Repository Forking' policy template aims to help detect when a key security setting is modified in a GitHub tenant, specifically looking at repository forking, to prevent potential duplication and exfiltration of repositories.
What is the 'OAuth App Creation' policy template used for?
-The 'OAuth App Creation' policy template allows users to detect when an OAuth app token has been created, which could potentially be in use in the environment, helping to identify potential security risks.
How can users create a custom policy if the templates do not cover their specific needs?
-If the templates do not cover specific needs, users can create a custom policy by going to the 'Policies' page and creating a new activity policy, specifying the name, selecting the appropriate filters, and defining the activity type to monitor.
Can you provide an example of a custom policy that could be created?
-An example of a custom policy is one that triggers when an admin enables the deletion of a repository in the tenant. This policy would monitor for the 'members can delete repos enabled' activity type and alert the user when this occurs.
How can users investigate an alert triggered by a policy in Microsoft Cloud App Security?
-Users can investigate an alert by clicking on it in Microsoft Cloud App Security to see more details, including the exact activity that triggered the alert and the user who triggered it.
What is the final suggestion made in the video for users who have creative policies or suggestions for improvement?
-The video suggests that users should let the product team know if they have any creative policies or suggestions on how to improve the product.
Outlines
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowMindmap
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowKeywords
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowHighlights
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowTranscripts
This section is available to paid users only. Please upgrade to access this part.
Upgrade NowBrowse More Related Video
Getting Started with Microsoft Defender for Cloud
GitHub Integration in Power Apps | Work with Multiple Developer in a single Power Apps
Learn Microsoft 365 Data Loss prevention Policies in Just 20mins
Things To Do After You Install Kali Linux 2023 - (FOR NOOBS)
How to deploy your websites to Cloudflare's Pages Platform for free
Company Portal || Deploy Store APPs to Android/ IOS Devices || Intune Tutorial Series | Part 16
5.0 / 5 (0 votes)