Audit Configuration Modification

ID

audit_modification

Severity

critical

Resource

Organization

Description

Detects modifications to the auditing configuration.

Impact

Changes to Source Code Management (SCM) auditing configurations can have serious implications for tracking and auditing the changes and activities within your version control system. Unauthorized changes to SCM auditing configurations can undermine the transparency and accountability of your development process and pose security and compliance risks. Here’s how unauthorized changes to SCM auditing configurations can be exploited:

  • Data Tampering: Unauthorized changes can manipulate or delete audit logs, making it difficult or impossible to track who performed specific actions or what changes were made.

  • Data Loss: Changes to auditing configurations might lead to data loss if logs are disabled or archived. This could hinder forensic investigations or compliance reporting.

  • Security Incidents: Tampering with auditing settings can obscure security incidents, making it challenging to detect and respond to suspicious activities or breaches.

  • Compliance Violations: Unauthorized changes can result in non-compliance with regulatory standards or organizational policies, which could lead to legal or regulatory consequences.

  • Disabled External Integrations: Changes to auditing configurations can disable external integrations, such as the Xygeni Sensor, which could hinder security monitoring and incident response.
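The kind of check this detector performs can be sketched over exported audit events. This is an added example, not Xygeni's detector logic: the event type names are assumed to match GitLab's audit event types for audit streaming, and the sample log and the `approved_authors` allowlist are constructed for illustration.

```python
import json

# Assumed GitLab audit event type names for audit-streaming configuration;
# confirm them against the audit event types of your GitLab version.
AUDIT_CONFIG_EVENTS = {
    "create_event_streaming_destination": "destination added",
    "update_event_streaming_destination": "destination changed",
    "destroy_event_streaming_destination": "destination removed",
    "audit_events_streaming_headers_create": "header added",
    "audit_events_streaming_headers_update": "header changed",
    "audit_events_streaming_headers_destroy": "header removed",
}

# Constructed sample input: one JSON audit event per line (not real data).
SAMPLE_LOG = """\
{"event_type": "project_created", "author_name": "dev1", "entity_path": "acme/app", "created_at": "2024-05-01T09:00:00Z"}
{"event_type": "update_event_streaming_destination", "author_name": "secops-admin", "entity_path": "acme", "created_at": "2024-05-01T09:05:00Z"}
not-json garbage line
{"event_type": "destroy_event_streaming_destination", "author_name": "dev1", "entity_path": "acme", "created_at": "2024-05-01T09:10:00Z"}
"""

def find_audit_config_changes(log_text, approved_authors=frozenset()):
    """Return one finding per audit-configuration change in a JSON-lines log.

    approved_authors is a hypothetical allowlist of accounts expected to
    manage audit settings; changes by anyone else are marked unauthorized.
    """
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        if not isinstance(event, dict):
            continue
        change = AUDIT_CONFIG_EVENTS.get(event.get("event_type"))
        if change is None:
            continue  # not an audit-configuration event
        author = event.get("author_name", "unknown")
        findings.append({
            "line": line_no, "change": change, "author": author,
            "entity": event.get("entity_path"), "when": event.get("created_at"),
            "authorized": author in approved_authors,
        })
    return findings

if __name__ == "__main__":
    for finding in find_audit_config_changes(SAMPLE_LOG, {"secops-admin"}):
        print(finding)
```

Findings with `authorized` set to false are the ones to triage first, since a removed or redirected streaming destination is what silences external monitoring.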

Supported Technologies

This detector is supported by the following sensors:

GitLab Sensor