Skip to main content

Detection Engine Updates Version 2.139

calendar icon   Release Date: May 29, 2025

In our latest release, we have focused on refining our detection capabilities and introducing new tools to enhance the security of your digital assets. This update includes a new detector for GitLab feature flags tokens, along with significant improvements to existing detectors for AMQP credentials, Confluent keys, and Azure services.

New Detectors

  • GitLab Feature Flags Client Token – Detects tokens used for managing feature flags in GitLab projects, crucial for controlling feature rollouts and ensuring smooth deployment processes.

Detector Improvements

  • AMQP CredentialsDetector Upgrade: Enhanced multimatch selection to reduce false positive combinations, vital for secure message queuing in distributed systems.
  • Confluent KeysDetector Upgrade: Improved multimatch selection for better accuracy and fewer false positives, essential for managing access to Kafka clusters.
  • Generic High Entropy SecretDetector Upgrade: Excludes secrets ending with '.certificate' from being reported, reducing noise by ignoring non-sensitive certificates.
  • Artifactory TokenAnalyzer Upgrade: Improved stability by preventing crashes when analyzing secrets with multiple scopes, key for managing and securing software artifacts.
  • Microsoft Azure Storage Connection StringChecker Upgrade: Enhanced to accept additional fields, crucial for accessing and managing Azure storage resources securely.
  • Microsoft Azure Storage Account KeyDetector Upgrade: Increased precision, reducing false positives, critical for safeguarding data in cloud storage.

Miscellaneous

  • Established a priority rule favoring the confluent_api_keys detector over amqp_assignment and amqp_assignment_attached_port detectors.