Loading controls...
Control: 1.2.4 Ensure inactive repositories are reviewed and archived periodically
Description
Ensure inactive repositories are reviewed and archived periodically
Rationale
Inactive repositories (i.e., no new changes introduced for a long period of time) can enlarge the surface of a potential attack or data leak. These repositories are more likely to be improperly managed, and thus could possibly be accessed by many users in an organization.
Note: Bug fixes and deployment of necessary changes could prove complicated for archived repositories.
Audit
Verify that all the repositories in the organization are active, and those that are not are reviewed or archived.
Remediation
Review all inactive repositories and archive them periodically.
Usage
Run the control in your terminal:
powerpipe control run github_compliance.control.cis_supply_chain_v100_1_2_7Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run github_compliance.control.cis_supply_chain_v100_1_2_7 --shareSQL
This control uses a named query:
repo_inactive_more_than_90_days