GitLab project visibility changed
Set up the GitLab integration.
Goal
Detects when the visibility level of a GitLab project is changed. Changes to public visibility may expose sensitive code and data to unauthorized users.
Strategy
This rule monitors the project_visibility_level_updated GitLab audit event. The detection tracks when users modify project visibility settings, which can include changes that make previously private or internal projects publicly accessible.
Triage & Response
- Verify if {{@usr.name}} had legitimate authorization to change the project visibility settings.
- Examine the specific project that was modified and determine if it contains sensitive code or data that should not be publicly accessible.
- Review the project’s previous visibility level to understand the scope of the exposure change.
- Check if the visibility change aligns with documented business requirements or approved change requests.
- Determine if any sensitive information, credentials, or proprietary code may have been inadvertently exposed through the visibility change.
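The triage steps above turn on which direction the visibility moved. The following added example (not part of the detection rule or of GitLab's code) classifies project_visibility_level_updated events by exposure direction so that changes to public are reviewed first. The field names (event_type, author_name, entity_path, details.from, details.to), the level names and the priority scheme are assumptions, and the sample events are constructed.

```python
import json

# GitLab visibility levels, ranked from least to most exposed.
RANK = {"private": 0, "internal": 1, "public": 2}

# Constructed sample events (one JSON object per line). The field layout is an
# assumption modelled on GitLab audit event payloads, not real data.
SAMPLE_EVENTS = """\
{"event_type": "project_visibility_level_updated", "author_name": "alice", "entity_path": "acme/payments", "details": {"from": "Private", "to": "Public"}}
{"event_type": "project_visibility_level_updated", "author_name": "bob", "entity_path": "acme/docs", "details": {"from": "Public", "to": "Internal"}}
{"event_type": "project_visibility_level_updated", "author_name": "carol", "entity_path": "acme/tools", "details": {"from": "Private", "to": "Internal"}}
{"event_type": "constructed_unrelated_event", "author_name": "dave", "entity_path": "acme/wiki", "details": {}}
{"event_type": "project_visibility_level_updated", "author_name": "erin", "entity_path": "acme/infra", "details": {}}
"""

def classify(event):
    """Return a triage record for a visibility change, or None for other events."""
    if event.get("event_type") != "project_visibility_level_updated":
        return None
    details = event.get("details") or {}
    old = str(details.get("from", "")).strip().lower()
    new = str(details.get("to", "")).strip().lower()
    if old not in RANK or new not in RANK:
        direction = "unknown"  # levels missing or unrecognised: review by hand
    elif RANK[new] > RANK[old]:
        direction = "widened"
    elif RANK[new] < RANK[old]:
        direction = "narrowed"
    else:
        direction = "unchanged"
    if direction == "widened" and new == "public":
        priority = "high"  # project is now readable without authentication
    elif direction in ("widened", "unknown"):
        priority = "medium"
    else:
        priority = "low"
    return {"user": event.get("author_name"), "project": event.get("entity_path"),
            "from": old or None, "to": new or None,
            "direction": direction, "priority": priority}

def triage(lines):
    """Parse JSON lines and return triage records, highest priority first."""
    order = {"high": 0, "medium": 1, "low": 2}
    records = [classify(json.loads(l)) for l in lines.splitlines() if l.strip()]
    return sorted((r for r in records if r), key=lambda r: order[r["priority"]])

if __name__ == "__main__":
    for record in triage(SAMPLE_EVENTS):
        print(record)
```

Events whose previous or new level cannot be parsed are kept at medium priority rather than dropped, so a payload format change does not silently hide an exposure.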