v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/github_compliance
Overview
2Dashboards
37Controls
33Queries
2Variables
GitHub

Control: 1.3.1 Ensure inactive users are reviewed and removed periodically

Description

Track inactive user accounts and periodically remove them.

Rationale

User accounts that have been inactive for a long period of time are enlarging the surface of attack. Inactive users with high-level privileges are of particular concern, as these accounts are more likely to be targets for attackers. This could potentially allow access to large portions of an organization should such an attack prove successful. It is recommended to remove them as soon as possible in order to prevent this.

Audit

For each repository in use, verify that all user accounts are active.

Remediation

For each repository in use, review inactive user accounts (members that left the organization, etc.) and remove them.

Usage

Run the control in your terminal:

powerpipe control run github_compliance.control.cis_supply_chain_v100_1_3_1

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run github_compliance.control.cis_supply_chain_v100_1_3_1 --share

SQL

This control uses a named query:

repo_inactive_members_review

Tags

category = Compliance
cis = true
cis_section_id = 1.3
cis_supply_chain_v100 = true
cis_type = manual
cis_version = v1.0.0
plugin = github
service = GitHub