
Automate with playbooks

Playbooks let you customize and automate GitGuardian behavior. They are accessible in your workspace settings.

If you need other playbooks, do not hesitate to submit your request here.

Auto-healing by the developer involved in secrets incidents

The auto-healing playbook automates the process of sharing incidents with the involved developers via a public share link.

Info: To use the auto-healing playbook, the workspace's public sharing capability must be enabled.

Whenever a new incident is detected, GitGuardian will automatically create a public share link of the incident and send an email to the involved developer with the link, unless the developer is already a member of the workspace.

You can choose which options are automatically applied to the public share link:

  • the ability to submit feedback on the incident through the provided link with the Feedback collection option
  • the ability to resolve or ignore the incident directly via the provided link with the Auto-healing option


The email sent automatically by GitGuardian is not customizable yet.

Emails are sent only to addresses that are well formed and that do not match any of the exclude patterns used to detect bots.

The auto-healing playbook is created by default by GitGuardian and is only available to workspaces on the Business plan or in a business trial. Only the Owner and Managers of the workspace can activate or deactivate the playbook.

Auto-access granting to secrets incidents details for the developer involved (in-app)

The auto-access granting playbook automates the process of giving access to an incident's details in the GitGuardian dashboard, for members with Restricted and Member access levels.

This applies not only to real-time detection, whenever a new incident is raised, but also to all historical incidents the developer was involved in. GitGuardian automatically gives the involved user access to the incident details page in the dashboard by matching the commit author email against the dashboard user email. Here is a description of the flow:

[Figure: Auto access playbook]

GitGuardian does not send sign-up invitations to the commit authors; they must already be Restricted members of the workspace.

Auto-resolve secrets incidents when valid secrets are revoked

The auto-resolution playbook automatically closes incidents whose secrets were once valid and have since become invalid, in order to facilitate the remediation process.

Info: If you prefer to automatically ignore incidents for secrets that become invalid, regardless of whether they were previously valid, use the Auto-ignore incidents for secrets marked as invalid playbook instead.

This applies not only to real-time detection, whenever an incident is re-checked as invalid, but also to all historical incidents that are concerned. When activating the playbook, the user is shown a message warning that N historical incidents will be resolved.

Finally, note that incidents automatically closed by this playbook will display an audit log attributed to "GitGuardian Bot" for the corresponding action.


Auto-ignore incidents for secrets marked as invalid

This playbook automatically ignores incidents when the associated secrets become invalid, regardless of their previous state.

Info: If you only want to automatically close incidents that were once valid and then become invalid, use the Auto-resolve secrets incidents when valid secrets are revoked playbook instead.

This applies not only to real-time detection, whenever an incident is re-checked as invalid, but also to all historical incidents that are concerned.

Finally, note that incidents automatically closed by this playbook will display an audit log attributed to "GitGuardian Bot" for the corresponding action.
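The following is an added sketch, not GitGuardian code, that contrasts the conditions of the auto-resolve and auto-ignore playbooks over constructed incident records, to estimate which historical incidents each one would close before it is activated. The `Incident` fields, the status and validity labels, and the rule that only open incidents are affected are assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Incident:
    incident_id: int         # constructed id, not a real incident
    status: str              # "open" or "closed" (assumed labels)
    validity_history: tuple  # validity check results, oldest -> newest (assumed labels)


def _now_invalid(inc):
    # The most recent validity check says the secret is invalid.
    return bool(inc.validity_history) and inc.validity_history[-1] == "invalid"


def auto_resolve_applies(inc):
    """Auto-resolve condition: the secret was once valid and is now invalid."""
    if inc.status != "open" or not _now_invalid(inc):  # open-only is an assumption
        return False
    return "valid" in inc.validity_history[:-1]


def auto_ignore_applies(inc):
    """Auto-ignore condition: the secret is now invalid, whatever it was before."""
    return inc.status == "open" and _now_invalid(inc)


def preview(incidents):
    """Ids each playbook would close, plus those that only auto-ignore would close."""
    resolve = {i.incident_id for i in incidents if auto_resolve_applies(i)}
    ignore = {i.incident_id for i in incidents if auto_ignore_applies(i)}
    return {
        "auto_resolve": sorted(resolve),
        "auto_ignore": sorted(ignore),
        "ignore_only": sorted(ignore - resolve),
    }


# Constructed sample data covering the cases that separate the two playbooks.
SAMPLE = [
    Incident(1, "open", ("valid", "valid", "invalid")),  # revoked after being valid
    Incident(2, "open", ("invalid",)),                   # never seen as valid
    Incident(3, "open", ("unknown", "invalid")),         # never confirmed valid
    Incident(4, "open", ("valid",)),                     # still valid: left open
    Incident(5, "closed", ("valid", "invalid")),         # already closed
]

if __name__ == "__main__":
    for playbook, ids in preview(SAMPLE).items():
        print(playbook, ids)
```

The `ignore_only` set is the one to review before choosing auto-ignore: those incidents were never observed as valid, so closing them records no confirmed revocation.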


Auto-ignore secrets incidents with secrets tagged as false positive by GitGuardian

The auto-ignore playbook automatically ignores incidents that have been tagged as False Positive by our internal machine learning model. Our model only works for generic secrets. This helps streamline the remediation process and reduce incident noise.

This playbook is turned on by default. You can change the setting here.

This applies to real-time detection whenever an incident is identified as False Positive. It can also be applied to all historical incidents by launching a historical scan on your perimeter.

Finally, note that incidents automatically ignored by this playbook will display an audit log attributed to "GitGuardian Bot" for the corresponding action.
