Incidents and occurrences
What is a public secret incident?
Public secret incidents are open issues created when GitGuardian detects secrets within your Public Perimeter.
When secrets are leaked publicly within your company perimeter, they are likely related to your organization and require your attention to assess their impact, and resolve the incident accordingly.
What are the occurrences of a public secret incident?
The same secret can be detected multiple times across different public sources. These individual detections are called occurrences.
GitGuardian streamlines the remediation process by automatically grouping multiple occurrences of the same secret into a single public secret incident.
A public secret occurrence is uniquely identified by the combination of the following parameters:
- The GitHub repository where the secret was detected
- The commit in which the secret was found
- The file containing the secret
- The line within the commit file where the secret occurred.
Each occurrence may have been detected through different attachment reasons. For example, the same incident may group:
- An occurrence leaked 'By dev from perimeter' (a developer from your monitored perimeter was involved)
- Another occurrence leaked 'On organization from perimeter' (the secret was found in a repository belonging to one of your monitored GitHub organizations).
As a result, a single public secret incident may have multiple attachment reasons.
