View outbound GitHub API calls at the job level

Available for Enterprise Tier Users only

This feature provides visibility into outbound GitHub API calls made during a job execution. It logs details such as HTTP methods and request paths, helping detect any unauthorized data exfiltration attempts through GitHub.com .

How it Works

Clicking on any Destination in the Network Events tab reveals detailed information about the process that initiated the event, along with its process arguments.

This allows you to:

Identify which processes are making outbound requests.
Inspect HTTP methods and API endpoints used.
Monitor network activity for potential security concerns.

For example, in the screenshot below, clicking on ghcr.io under the Destination column reveals detailed API call logs, including HTTP methods such as GET, POST, HEAD, PATCH, and PUT. This visibility helps track and analyze API interactions effectively.

PreviousDetect tampering of source code during build NextDetermine minimum GITHUB_TOKEN permissions using Harden-Runner

Last updated 8 days ago