eScan adds GitHub access control without Enterprise plans

By AI, Created 10:20 AM UTC, May 20, 2026, /AGP/ – eScan says its Enterprise DLP now enforces corporate-only GitHub authentication across Team, Organization and Enterprise accounts. The update targets a common source-code exposure risk for organizations that use lower-cost GitHub plans without built-in tenant controls.

Why it matters: - GitHub access can expose source code, CI/CD pipelines and secrets if employees sign in with personal or third-party accounts. - eScan’s new control aims to close that gap for organizations that use GitHub Team or Organization plans instead of GitHub Enterprise. - The move is aimed at North American organizations facing tighter scrutiny over access governance and data sovereignty.

What happened: - eScan, the cybersecurity business of MicroWorld Technologies Inc., announced deployment of GitHub Tenant Control in its Enterprise DLP platform on April 29, 2026. - The feature blocks GitHub access when employees try to authenticate with personal credentials or third-party providers such as Google, Apple or Microsoft. - Access is allowed only when users sign in with corporate domain credentials. - The capability applies across GitHub Team, Organization and Enterprise accounts.

The details: - GitHub Enterprise includes SAML single sign-on and centralized authentication controls at $21 per user per month. - GitHub Team costs $4 per user per month and does not include native tenant control features. - eScan says the gap leaves many organizations open to employees accessing repositories through personal credentials or outside identity providers. - eScan’s GitHub Tenant Control is designed to maintain workflow continuity while adding visibility and control. - The company says the feature is also meant to add defense-in-depth for GitHub Enterprise customers. - eScan links the new control to a broader Workspace Tenant Control framework that already covers Google Workspace, Microsoft 365, Dropbox, Atlassian, Slack, Webex, ChatGPT and other platforms. - eScan says its unified approach lets organizations enforce authentication policies across cloud apps from one DLP platform.

Between the lines: - The release is framed around a simple tradeoff: pay more for GitHub Enterprise or accept weaker authentication controls on lower-tier plans. - eScan is positioning DLP as an identity-enforcement layer, not just a data-filtering tool. - The timing tracks with repeated high-profile code and secret leaks, which keep source repositories high on security teams’ priority lists. - Govind Rammurthy, CEO and Managing Director of eScan, said organizations face an “impossible choice” between higher-cost Enterprise access controls and the risk of unaudited personal logins.

What happened: - The company pointed to several incidents to show why GitHub access control matters. - A Mercedes-Benz employee accidentally leaked a GitHub token in June 2024, which exposed access to the company’s GitHub Enterprise Server source code. - The New York Times had repository credentials exposed in January 2024, and its codebase later appeared on 4chan. - A March 2025 compromise involving the tj-actions/changed-files GitHub Action exposed CI/CD secrets, including AWS keys, GitHub tokens and private RSA keys, across 23,000 repositories. - GitHub reported 39 million secrets leaked across its platform in 2024.

What’s next: - eScan is pitching the feature to organizations that want enterprise-grade GitHub authentication controls without buying GitHub Enterprise seats. - The company is also targeting enterprises that want an added layer of authentication enforcement on top of existing controls. - More broadly, eScan appears to be expanding its tenant-control model across more workplace apps and cloud services.

The bottom line: - eScan is turning GitHub login policy into a DLP enforcement problem, and that could give security teams a lower-cost way to reduce repository exposure.