Detection Engine Updates Version 2.143
Release Date: July 15, 2025
This release introduces new detectors for GitLab incoming mail tokens, Coze personal access tokens, Tavus API keys, and more. It also includes significant improvements to existing detectors and analyzers, such as those for Zendesk, Sendinblue, and Algolia, enhancing detection accuracy and performance.
New Detectors
- GitLab Incoming Mail Token – Detects tokens used for GitLab incoming mail.
- Coze Personal Access Token – Detects personal access tokens for Coze services.
- Tavus API Key – Recognizes API keys for Tavus services.
- Heroku Platform Key – Detects prefixed variants of Heroku Platform Keys.
- SSH Credentials – New detector
ssh_password_with_portallows matching SSH passwords with ports. - Tableau Cloud PAT – Detects personal access tokens for Tableau Cloud.
- Notion Integration Token v2 – Detects the new Notion token format.
New Checkers
These checkers are implemented to verify the detected secrets, adding another layer of security and ensuring their validity and correct application:
- Coze Personal Access Token
- Tavus API Key
- Heroku Platform Key
- Tableau Cloud PAT
- Notion Integration Token v2
- Salesforce OAuth2
Detector Improvements
- Google OAuth2 Keys – Improved precision for Google OAuth2 detector.
- Zendesk Token – Improved analyzer performance.
- Sendinblue Key – Improved analyzer performance.
- Generic High Entropy Secret – No longer considers IDs in ServiceNow migration files as secrets.
- Algolia Keys – Improved analyzer performance.
- Fastly Personal Token – Improved analyzer performance.
- [Hugging Face User Access] – Improved analyzer performance.
Engine Enhancements
- All JWT detectors will now only catch signed JWTs, enhancing security.
