Showing 123 rule(s)

| Rule ID | Name | Platform | Category | Severity |
|---|---|---|---|---|
| DOS4510 | Organization should always have a complete profile | GitHub | organization | low |
| DOS5010 | Disable Forking for Private or Internal Repository | GitHub | repository | critical |
| DOS5020 | Default branch name should be main | GitHub | repository | medium |
| DOS5030 | Repository should always have a description | GitHub | repository | low |
| DOS5040 | Repository should be classified with topics | GitHub | repository | low |
| DOS5050 | Repository visibility should be private | GitHub | repository | critical |
| DOS5060 | Pull Requests - Enable auto-merge for a pull request | GitHub | repository | medium |
| DOS5065 | Pull Requests - Always suggest updating pull request branches | GitHub | repository | medium |
| DOS5070 | Pull Requests - Enable automatically delete head branches after pull requests are merged in your repository | GitHub | repository | medium |
| DOS5500 | Security - Vulnerability Alert - Ensure that the Critical severity Dependabot alert is addressed | GitHub | repository | critical |
| DOS5525 | Security - Vulnerability Alert - Ensure that the High severity Dependabot alert is addressed | GitHub | repository | high |
| DOS5550 | Security - Vulnerability Alerts - Make sure that there are no unresolved Dependabot alerts of Critical severity | GitHub | repository | critical |
| DOS5575 | Security - Vulnerability Alerts - Make sure that there are no unresolved Dependabot alerts of High severity | GitHub | repository | high |
| DOS5600 | Branch Protection Rules - Protect your most important branches | GitHub | repository | critical |
| DOS6010 | Disable Repository Forking | GitLab | organization | critical |
| DOS6710 | DevSecOps Control - Ensure Secret Scanning (SS) | GitHub | appsec | critical |
| DOS6720 | DevSecOps Control - Ensure Software Composition Analysis (SCA) / Dependency Scanning | GitHub | appsec | critical |
| DOS6730 | DevSecOps Control - Ensure Static Application Security Testing (SAST) / Code Scanning | GitHub | appsec | critical |
| DOS6740 | DevSecOps Control - Ensure Container Image Scanning (CIS) / Container Scanning | GitHub | appsec | critical |
| DOS6750 | DevSecOps Control - Ensure Infrastructure as Code Scanning (IACS) | GitHub | appsec | critical |