Plugin Title Org Default Permission
Cloud GITHUB
Category Orgs
Description Checks the default permission given to new users added to an organization.
More Info The default permission given to new organization users should be set to none. Read permissions risk exposing private repositories, while write or admin permissions risk sensitive access to repositories for new users.
AWS Link https://help.github.com/en/articles/repository-permission-levels-for-an-organization
Recommended Action Set the default permission to none or read-only and assign permissions on a more granular repository level.


Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now