Detection Engine Updates Version 2.140
Release Date: June 10, 2025
This release adds 12 new detectors covering GitLab tokens, Kubernetes JWTs, Laravel encryption keys, and API keys for AI services like Dify, Firecrawl, and Llama Cloud. We've also enhanced existing detectors for Ubidots, Azure Cosmos DB, GitLab tokens, and ODBC connections to improve accuracy and reduce false positives.
New Detectors
- Laravel Encryption Key with Host – Detects Laravel encryption keys associated with a host.
- GitLab Feature Flags Client Token with Project ID – Identifies tokens and project IDs for GitLab feature management.
- Kubernetes JWT with Host – Detects JWTs used in Kubernetes environments.
- GitLab Trigger Token – Recognizes tokens for triggering GitLab pipelines.
- Brave Search API Key – Detects API keys for accessing Brave Search.
- GitLab Deploy Token – Identifies deploy tokens for managing GitLab project deployments.
- Firecrawl API Key – Detects API keys for Firecrawl services.
- Dify API Key – Detects API keys for Dify services.
- GitLab Runner Authentication Token – Captures authentication tokens for GitLab runners.
- Ubidots API Key – Detects API keys for Ubidots.
- Vapi API Key – Detects API keys for Vapi services.
- Llama Cloud API Key – Ensures detection of API keys for Llama Cloud.
New Checkers These checkers are implemented to verify the detected secrets, adding another layer of security and ensuring their validity and correct application:
- Laravel Encryption Key with Host
- GitLab Feature Flags Client Token with Project ID
- Kubernetes JWT with Host
- Brave Search API Key
- Firecrawl API Key
- Dify API Key
- GitLab Runner Authentication Token
Detector Improvements
- Ubidots Token – Now includes new secret prefixes and improved checker responses for tokens from disabled accounts.
- Azure Cosmos DB Credentials – Enhanced host pattern to improve recall and detection accuracy.
- GitLab Token – Refined pattern to minimize false positives.
- ODBC Connection String – Advanced detection precision for ODBC strings.
Engine Enhancements
- Expanded detection pattern list for encrypted strings to increase precision.
- Enhanced AssignmentRegexMatcher for
N
prefixed strings in SQL, supporting Microsoft SQL Server.