
Policies

GitGuardian can monitor other security policies to help you cover more threats in your source code, such as:

  • Filenames policy
  • File extensions policy
  • .gitignore policy

What are Policies?

A policy is a rule enforced on your perimeter.

Policy break incidents are triggered when an event breaks the policy. Alerts are sent for each event that triggers one or more policy break incidents.

Filenames policy

This policy ensures that files with certain filenames are not committed.

We have configured a default list of sensitive filenames that commonly represent files that may contain secrets. You can deactivate filenames from the list, but cannot add new filenames to monitor yet.

File extension policy

This policy ensures that files with certain extensions are not committed.

We have configured a default list of sensitive extensions that commonly represent files that may contain secrets. You can deactivate extensions from the list, but cannot add new extensions to monitor yet.

.gitignore policy

This policy ensures that all your git repositories have a .gitignore file in their root directory. This is an indirect security policy: a .gitignore file is the best way to ensure that your secret files are never committed.

A policy break incident is triggered if the file is missing the first time GitGuardian receives an event on the repository or if the file is deleted.
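
The three checks described above, sketched as a local Python function over one repository event. This is an added example, not GitGuardian's code: the filename and extension lists, the `check_event` name and its parameters, and the case-insensitive matching are all assumptions, and the sample paths are constructed.

```python
from pathlib import PurePosixPath

# Illustrative lists only (assumptions); GitGuardian's default lists
# are not reproduced on this page.
SENSITIVE_FILENAMES = {".env", "id_rsa", ".npmrc", "credentials.json"}
SENSITIVE_EXTENSIONS = {".pem", ".key", ".p12", ".pfx"}


def check_event(added, deleted, tree, first_event):
    """Return (policy, path) pairs broken by one repository event.

    added / deleted: repo-relative paths touched by the event.
    tree: every path present in the repository after the event.
    first_event: True if this is the first event seen for the repository.
    """
    breaks = []
    for path in added:
        p = PurePosixPath(path)
        # Filenames policy: match the final path component in any directory.
        # Case-insensitive matching is an assumption of this sketch.
        if p.name.lower() in SENSITIVE_FILENAMES:
            breaks.append(("filename", path))
        # File extension policy: match the last suffix only. Dotfiles such
        # as ".env" have an empty suffix, so they are not counted twice.
        if p.suffix.lower() in SENSITIVE_EXTENSIONS:
            breaks.append(("extension", path))
    # .gitignore policy: only a .gitignore in the root directory counts.
    # It breaks when the file is missing on the first event or is deleted.
    has_root_gitignore = ".gitignore" in tree
    if ".gitignore" in deleted or (first_event and not has_root_gitignore):
        breaks.append(("gitignore", ".gitignore"))
    return breaks


if __name__ == "__main__":
    # Constructed event: first push to a repository without a .gitignore.
    added = ["config/.env", "certs/server.PEM", "src/app.py"]
    for policy, path in check_event(added, [], added, first_event=True):
        print(f"policy break: {policy:<9} {path}")
```

Note that a nested `.gitignore` (for example `sub/.gitignore`) does not satisfy the root-directory requirement, and deleting one does not break the policy.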

Policy break incidents

Managers of the dashboard can activate or deactivate the different policies in the settings section.

Policies settings

When activated, the policies create policy break incidents that you can find in the Incidents section of your dashboard. If you want to learn more about incidents, please have a look at their documentation.