Elevate your secrets security posture with GitGuardian Secrets Detection’s latest releases
Turn over every stone for secrets
For the last five years, GitGuardian has been the trusted partner of hundreds of organizations looking to tame secrets sprawl. Our commitment doesn’t stop at providing solutions – we’re deeply invested in advancing the industry’s understanding of the challenge. For example, in our latest issues of The State of Secrets Sprawl report, we explored the various corners of development environments where hardcoded secrets end up–from public GitHub repos to Docker images and Infrastructure-as-Code.
Yet, the term “hardcoded” somewhat understates the problem. Secrets aren’t confined to code alone; they can be found in every tool developers see or touch. GitGuardian users can now benefit from first-class support for continuously monitoring productivity tools, and we’re exploring many new data sources besides version control systems.
Contact our team to learn more about what we have in store!
Catch real secrets
Our detection engine continues to grow, now featuring a host of new detectors that have taken our arsenal past the 385 detectors mark (grouped into 322 unique types of secrets supported).
This is a common misconception application and cloud security teams may have. Within large organizations, security teams are often missing a complete inventory of the programming languages, ecosystems (package managers), CI/CD tools, third-party APIs, and cloud services the engineering teams use to build and run their applications. In addition, engineering teams may be doing ‘shadow code,’ introducing new tools and technologies in the stack, without their security team’s approval.
We’re also continuing our efforts to include secrets validity checks where possible to improve the precision of your findings and filter out the false positives before they even reach your incident dashboard. Out of our 310 specific secrets detectors (tied to a provider or a specific technology), 202 already have built-in validity checks!
Here’s a sample of highly requested detectors we’ve shipped to production in 2023:
- Databricks Authentication Token With Hostname
- Hashicorp Vault Token
- Azure Active Directory API Keys
- Docusign API Key
- Pinecone API Key & Pinecone API Key and Environment
- Keycloak API Keys
- Tableau Personal Access Token
- Palantir JWT
- Figma Personal Access Token
- Cloudinary API Keys
- MongoDB Atlas Keys
Prioritize ruthlessly and focus on the incidents that matter
Secrets scanners, and automated security testing tools, in general, are plaguing the industry with the number of alerts they raise, leaving security engineers and developers scratching their heads, not knowing what they should focus on. At GitGuardian, we vowed to offer the users who trust us a different experience.
Automate Incident Severity Scoring
Accelerate incident prioritization with our automated severity scoring system. GitGuardian now evaluates the context, type, validity, and public exposure of secrets to assign accurate severity scores (ranging from low to critical), streamlining incident triage. Skip the manual investigation and start remediating your most critical incidents right away!
You can also override our built-in severity scoring rules or create your own.
Context-based prioritization and remediation
Incident tags are meant to provide security engineers with as much context as possible when investigating an exposed secret:
- Exposed publicly: the visibility of the GitHub repository revealing the secret is set to public.
- From historical scan: one of the occurrences of the incident was detected during an entire history Git scan, as opposed to being caught in real-time.
- Regression: the incident was once resolved, but GitGuardian detected a new occurrence.
- Sensitive file: one of the occurrences of the incident is located in a sensitive file.
- Tagged as false positive in check runs: one of the occurrences of the incident has been tagged as a false positive in a GitHub PR by a developer.
- Test file: one of the incident occurrences is located in a test file.
In July, we added a new tag for incidents where at least one occurrence of the secret was found in the default branch of a repository. Without a surprise, this tag’s value is “Default branch.” In some cases, secrets found on a default branch are more sensitive than others, mainly if this branch is used to trigger deployments to production environments.
Also, when creating severity rules, you can include conditions on the value of the tags of your choice. For example, the severity of incidents with a “Default branch” tag can be automatically set to “critical.”
Automate incident closing
Bid farewell to closing incidents manually 👋 GitGuardian now continuously crawls your open incidents to check if the secrets’ validity has changed. If it finds a newly revoked secret (status = invalid), it will resolve the incident by itself!
Learn more about our automated playbooks in this post:
GitGuardian Blog – Automated Secrets Detection
Fix (faster) with your developers
Bring every developer on board
In the past, inviting new users to a workspace was limited to workspace managers and owners. However, to accelerate developer onboarding, you can now authorize team managers in your workspace to invite users to sign up for an account and join their teams.
Relevant documentation link(s):
Shorten the incident feedback loop
Engaging your developers during the remediation process can be difficult. Previously, we gave security teams the option to generate a sharing link (to an external page) and send it to the involved developer to submit their feedback. Now, developers with a GitGuardian account can access their incidents and directly submit their comments and observations in-app. We’re doing everything we can to shorten the feedback loop!
Relevant documentation link(s):
Pass on remediation guidelines to your developers
No two organizations are alike when it comes to remediating hardcoded secrets! Each set of security, cloud infrastructure, and engineering teams has internal rules for revoking and rotating keys, re-deploying services… and so on.
This is why we now enable you to create remediation steps in GitGuardian, which every developer should follow to stay in line with your organization’s processes for incident response. Custom remediation guidelines can have up to 20 different steps. Each step can have a title, body, and link to a resource such as your internal wikis!
Relevant documentation link(s):
Deploy GitGuardian wherever you need it to be
Our partnership with Replicated, a Kubernetes application delivery and management platform, has helped us deliver the GitGuardian Platform to all kinds of customer-controlled infrastructure.
Since late 2020, organizations with strict data privacy requirements, which usually prefer self-hosting their version control systems (e.g., GitHub Enterprise Server or GitLab Self-Managed), were given the same option with GitGuardian thanks to Replicated and KOTS (Kubernetes Off-The-Shelf).
Earlier this quarter, we made it possible to install GitGuardian on existing Kubernetes clusters using Helm, a popular Kubernetes package manager. You can learn more about this option in our public documentation:
- Installing GitGuardian on an existing K8s cluster with Helm
- Managing secrets and sensitive data in Helm
Get the support you deserve for your rollouts
The GitGuardian team is committed to helping every organization regain control over its secrets and improve its software supply chain security posture. In this spirit, we have grown our Solutions Engineers and Customer Success Managers team to nine members!
We now also have a team of five full-time Site Reliability Engineers (SRE) watching over the infrastructure powering our SaaS platform while lending a helping hand to all our customers on the self-hosted plan, ensuring their instances are up and running around the clock!
Lastly, keep an eye on our release notes and public roadmap!
GitGuardian’s product release notes are always available on our public documentation. Keep an eye on our feature releases, bug fixes, and more!
GitGuardian[doc]
Also, don’t forget to check out our public roadmap and vote for your favorite features (or request new ones)!
*** This is a Security Bloggers Network syndicated blog from GitGuardian Blog - Automated Secrets Detection authored by Ziad Ghalleb. Read the original post at: https://blog.gitguardian.com/elevate-your-secrets-security-posture-with-gitguardian-2023-releases/
