Uploading via the desktop application of github does not trigger any policy.
search cancel

Uploading via the desktop application of github does not trigger any policy.

book

Article ID: 266284

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

We are experiencing some issues with a desktop application, maybe you can track this topic with a case. 

Uploading any file containing data like credit cards via the Web Browser to https://github.com/ triggers the dedicated policy correctly. 

However a file upload using the desktop application of github does not trigger any policy.

Environment

Release : 15.8, 16.0

Cause

DLP Endpoint Agent does not natively monitor the GitHub desktop application. 

Resolution

Firstly you'll need to identify which executable part of the application is performing the upload. 

Then run the GetAppInfo tool on the .exe to check it's details. 

Next add the github file upload application to the Global Application Monitoring list in the DLP Enforce console.

To do this, perform the following steps:

Log in to the Enforce console, and then navigate to System -> Agents -> Global Application Monitoring.

Click on Add Application and select Windows to create a new application:

In the Application Information add the following:  

Name:GitHub File Uploader

Binary name:git\.exe

Internal name:

Original Filename:git\.exe

Select the Application Type: Generic

In the Application Monitoring Configuration you will need to select the relevant channels you require. 

In the case of a file upload enable Application File Access and select Read

Additional Information

Article ID: 160730 - How to get the required information for the Application monitoring?

Article ID: 204155 - Not able to monitor uploads to GitHub with Symantec DLP

Article ID: 242845 - Github uploads through command prompt are not detected/scanned by endpoint agent.

Powered by Wolken Software