update docs

Legit-Labs · Jan 1, 2024 · ad721b0 · ad721b0
1 parent bacb4cc
commit ad721b0
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 6 deletions.
diff --git a/docs/github/enterprise/enable_push_protection_secret_scanning.md b/docs/github/enterprise/enable_push_protection_secret_scanning.md
@@ -1,12 +1,12 @@
 ---
 layout: default
-title: Enterprise Should Automatically Enable Secret Scanning Across All Organizations/Repositories
+title: Enterprise Should Automatically Enable Secret Scanning Push Protection Across All Organizations/Repositories
 parent: Enterprise Policies
 grand_parent: GitHub Policies
 ---
 
 
-## Enterprise Should Automatically Enable Secret Scanning Across All Organizations/Repositories
+## Enterprise Should Automatically Enable Secret Scanning Push Protection Across All Organizations/Repositories
 policy name: enable_push_protection_secret_scanning
 
 severity: MEDIUM

diff --git a/docs/github/repository/users_allowed_to_bypass_ruleset.md b/docs/github/repository/users_allowed_to_bypass_ruleset.md
@@ -0,0 +1,30 @@
+---
+layout: default
+title: Users Are Allowed To Bypass Ruleset Rules
+parent: Repository Policies
+grand_parent: GitHub Policies
+---
+
+
+## Users Are Allowed To Bypass Ruleset Rules
+policy name: users_allowed_to_bypass_ruleset
+
+severity: MEDIUM
+
+### Description
+Rulesets rules are not enforced for some users. When defining rulesets it is recommended to make sure that no one is allowed to bypass these rules in order to avoid inadvertent or intentional alterations to critical code which can lead to potential errors or vulnerabilities in the software.
+
+### Threat Example(s)
+Attackers that gain access to a user that can bypass the ruleset rules can compromise the codebase without anyone noticing, introducing malicious code that would go straight ahead to production.
+
+
+
+### Remediation
+1. Go to the repository settings page
+2. Under "Code and automation", select "Rules -> Rulesets"
+3. Find the relevant ruleset
+4. Empty the "Bypass list"
+5. Press "Save Changes"
+
+
+
diff --git a/docs/index.md b/docs/index.md
@@ -21,7 +21,4 @@ Supporting:
 And More to come...
 
 ---
-> ℹ️ **NOTE:** This webpage describes only the policies which Legitify supports. To learn more about how to use the cli tool, or contribute the source code, visit [Legitify's GitHub page](https://github.com/Legit-Labs/legitify).
->
-
-<img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=6f4cbb25-54f4-4c47-b611-9b741732bb86" />
+> ℹ️ **NOTE:** This webpage describes only the policies which Legitify supports. To learn more about how to use the cli tool, or contribute the source code, visit [Legitify's GitHub page](https://github.com/Legit-Labs/legitify).