---
title: GitLab group visibility changed to public
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > GitLab group visibility changed to
  public
---

# GitLab group visibility changed to public
Classification:attackTactic:[TA0009-collection](https://attack.mitre.org/tactics/TA0009)Technique:[T1213-data-from-information-repositories](https://attack.mitre.org/techniques/T1213) 
## Goal{% #goal %}

Detect when a GitLab group visibility changes from private to public.

## Strategy{% #strategy %}

This rule monitors GitLab audit logs for changes indicated by `group_visibility_level_updated`.

An unintended change to public visibility can allow valuable information about the GitLab group and associated repositories to be viewed by a potential attacker.

## Triage and response{% #triage-and-response %}

1. Determine whether the change`{{@custom_message}}` made by `{{@usr.name}}` is expected.
1. If the change was not authorized or unexpected, begin your organization's incident response process and investigate.