Monitor projects activity
Proposal
New and updated projects change the security perimeter of an organization. Security Engineers need a way to track changes in projects on a regular basis, especially if features can't apply at the Group level (see Project labels and selectors (#370448 - closed)).
In GitLab's security department, we use our internal Inventory Builder to sync some root namespaces (internal link) and spot updates in our projects. This process not only improves our capacity to monitor new projects, but also helps us to categorize them as soon as they are created to apply our policies. Any suspicious activity related to projects configuration or creation would be spotted in the weekly merge requests (internal link) that are created automatically in our inventory.
Without this kind of activity tracking and the categorization of projects, it's nearly impossible to meet our compliance needs in a timely manner. This change would reduce the time necessary to fix invalid projects or configurations.