Detection Engine Updates Version 2.142
Release Date: July 2, 2025
This release introduces new detectors for AI71 and AMP API tokens, along with significant improvements to existing detectors and analyzers, such as those for GitHub, Slack, and DigitalOcean, enhancing detection accuracy and performance.
New Detectors
- AI71 API Key – Detects API keys for AI71 services.
- AMP API Token – Recognizes API tokens for AMP services.
New Checkers
These checkers are implemented to verify the detected secrets, adding another layer of security and ensuring their validity and correct application:
- AI71 API Key
- AMP API Token
Detector Improvements
- Kubernetes Docker Secret – Enhanced detection for
kubernetes.io/dockercfgsecrets with more precise regex for JWTs. - MySQL Assignment – Restricted the maximum number of secrets per document to prevent combinatorial explosion.
- Sourcegraph Token – Updated regex for
sourcegraph_access_token_v3as per customer request. - GitHub Access Token – Improved GitHub classic analyzer performance.
- HashiCorp Vault Token – Improved precision for HashiCorp Vault token detection.
- Confluent Keys – Updated checker for Confluent API keys.
- GitHub Fine-Grained PAT – Analyzer now handles archived repositories.
- Slack Tokens – Improved SlackBot analyzer performance. Applies to Slackbot, Slack App, and Slack User tokens.
- DigitalOcean Spaces Token – Fixed checker for tokens that do not have permission to list buckets.
