GitHub, the widely used code-hosting platform, will soon get enhanced security and continuous threat monitoring from Microsoft Sentinel. The Microsoft-owned repository is receiving deeper integration with Microsoft's Security Information and Event Management (SIEM) platform.
Software supply chains, especially those involving open-source vulnerabilities, are quite vulnerable to threats and attacks. It is evidenced by the Apache Log4j logging library and the Linux PolKit program. Insecure software supply chains have resulted in incidents such as the SolarWinds and Kaseya breaches.
GitHub offers one of the largest repositories of open-source software and code. To better protect the platform, and the platforms that depend on it, enterprise-licensed GitHub repositories will now be monitored by Microsoft Sentinel.
Microsoft Sentinel will ingest GitHub audit logs anddoing so will unlock multiple capabilities, claimed Microsoft in a blog post announcing the integration of the two services. GitHub offers and holds several pieces of code that many businesses and organizations consider sensitive. Proactively monitoring these assets and subsequently shielding them from potential vulnerabilities and attacks should benefit everyone.
Microsoft Sentinel currently has about 15,000 customers. Its customer base shot up by 70% within a single year, revealedMicrosoft CEO Satya Nadella recently. Needless to add, the company’s online security arm is growing rapidly. Nadella added that it has managed to earn revenue of more than $15 billion in the past 12 months.