GitHub Activity

GitHub Activity monitoring protects your source code and development pipeline from supply chain attacks, malicious commits, and repository security issues.

Why GitHub Monitoring Matters

Supply Chain Attacks

Attackers increasingly target development infrastructure:

  • Compromised developer accounts pushing malicious code

  • Dependency confusion attacks

  • Malicious packages in package repositories

  • Stolen credentials used to access private repositories

Direct Financial Impact

In Web3, compromised code leads to:

  • Backdoored smart contracts stealing user funds

  • Modified deployment scripts redirecting transactions

  • Injected wallet draining code in frontends

  • Stolen private keys from compromised CI/CD

Monitoring Capabilities

Repository Connection

Connect GitHub repositories to Sentry:

Organization-Level: Link your entire GitHub organization to monitor all repositories automatically.

Selective Monitoring: Choose specific critical repositories (smart contracts, deployment tools, infrastructure code).

Webhook Integration: Sentry registers webhooks to receive real-time events from GitHub.

Commit Monitoring

Author Verification: Detect commits with mismatched author information:

  • Display name doesn't match known team member

  • Email address doesn't match verified organizational emails

  • Suspicious commit author patterns (unusual names, temporary emails)

Commit Overwrite Detection: Alert when git history is rewritten:

  • Force pushes to protected branches

  • Commit amending on shared branches

  • History tampering attempts

  • Deleted commits that may contain evidence

Suspicious Patterns:

  • Large commits outside normal business hours

  • Commits from unusual geographic locations

  • Rapid succession of commits (potential automated attack)

  • Commits to sensitive files (deployment scripts, config files)
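The commit checks listed above can be run over a GitHub `push` webhook payload. The following is an added example, not Sentry's own code: the allow-listed email domain, protected refs, sensitive-path globs and sample payload are assumptions constructed for illustration, while `ref`, `before`, `after`, `forced`, `deleted` and `commits` are fields of GitHub's push event.

```python
import fnmatch

# Assumed policy values for illustration; replace with your organization's own.
ORG_EMAIL_DOMAINS = {"example.org"}
PROTECTED_REFS = {"refs/heads/main", "refs/heads/release"}
SENSITIVE_GLOBS = ["scripts/deploy*", ".github/workflows/*", "*.env", "hardhat.config.*"]
ZERO_SHA = "0" * 40


def review_push(event):
    """Return a list of (rule, detail) findings for one GitHub push webhook payload."""
    findings = []
    ref = event.get("ref", "")
    protected = ref in PROTECTED_REFS
    # History rewrite: GitHub sets "forced" when the push was not a fast-forward.
    if protected and event.get("forced"):
        findings.append(("force_push", f"{ref}: {event.get('before')} -> {event.get('after')}"))
    # Branch deletion: "deleted" is true and "after" is the all-zero SHA.
    if protected and (event.get("deleted") or event.get("after") == ZERO_SHA):
        findings.append(("branch_deleted", ref))
    for commit in event.get("commits", []):
        sha = commit.get("id", "")[:12]
        email = commit.get("author", {}).get("email", "")
        domain = email.rpartition("@")[2].lower()
        if domain not in ORG_EMAIL_DOMAINS:
            findings.append(("author_email", f"{sha}: {email or '<missing>'}"))
        touched = commit.get("added", []) + commit.get("modified", []) + commit.get("removed", [])
        for path in touched:
            if any(fnmatch.fnmatchcase(path, glob) for glob in SENSITIVE_GLOBS):
                findings.append(("sensitive_file", f"{sha}: {path}"))
    return findings


# Constructed sample payload, trimmed to the fields used above.
SAMPLE_PUSH = {
    "ref": "refs/heads/main",
    "before": "a" * 40, "after": "b" * 40,
    "forced": True, "deleted": False,
    "commits": [
        {"id": "b" * 40, "author": {"name": "Dev One", "email": "dev1@example.org"},
         "added": [], "modified": ["contracts/Vault.sol"], "removed": []},
        {"id": "c" * 40, "author": {"name": "dev one", "email": "dev1@mailbox.invalid"},
         "added": [], "modified": ["scripts/deploy.ts"], "removed": []},
    ],
}

if __name__ == "__main__":
    for rule, detail in review_push(SAMPLE_PUSH):
        print(rule, detail)
```

Author name and email in a commit are set by the client, so the email check surfaces mismatches but does not prove identity; commit signature verification is a separate control.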

Security Scanning Integration

Dependabot Alerts: Automatically ingest and display Dependabot security alerts:

  • Vulnerable dependencies in package.json, requirements.txt, go.mod, etc.

  • Severity levels (critical, high, medium, low)

  • Available patches and upgrade paths

  • CVSS scores and CVE identifiers

Secret Scanning: GitHub's secret scanning results are forwarded to Sentry:

  • Exposed API keys, tokens, passwords in code

  • Accidentally committed credentials

  • Private keys and certificates

  • Database connection strings

Code Scanning (GitHub Advanced Security): For organizations with GHAS:

  • CodeQL analysis results

  • SAST (Static Application Security Testing) findings

  • Custom code scanning alerts

  • Compliance rule violations

Repository Health

Branch Protection: Monitor branch protection settings:

  • Required reviews before merging

  • Required status checks

  • Administrator bypass permissions

  • Force push restrictions

Access Control Auditing:

  • Who has write/admin access to critical repositories

  • Recently added collaborators

  • Teams with repository access

  • Outside collaborators

Repository Configuration:

  • Private vs public status

  • Security features enabled (Dependabot, secret scanning)

  • Default branch settings

  • Webhooks and integrations
