Detection Engine Updates Version 2.153

  Release Date: December 5, 2025

This release introduces 6 new detectors with comprehensive coverage for cloud services and databases and support for 883 new secret providers.

New Detectors and Checkers

• HighLevel Private Integration Token: Added a detector and checker for HighLevel Private Integration Token.
• Elastic API Key: Added a detector and checker for Elastic API keys.
• Google Cloud Keys: Added a detector and checker for Google Cloud Keys in base64 format.
• Socket Dev API Key: Added a detector and checker for Socket Dev API keys.
• Upstash Redis Credentials: Added a detector and checker for Upstash Redis credentials.
• Vapid Key: Added a new detector for Vapid keys.

New Checkers

• Oracle Credentials: Added a new checker for Oracle credentials.

Detector Improvements

• Cloudflare API Credentials: Updated checker to work with multiple types of tokens.
• MySQL Credentials: Enhanced recall of MySQL Assignment detector by removing the constraint on the prefix.
• GitLab Token: Updated gitlab_personal_token_v2 to cover new patterns.
• Fireworks AI API Key: Updated detector regex to improve recall.
• JSON Web Token: Fixed detector crashing if the expiration date was set to "inf".
• SSH Credentials: Updated SSH password detector to use an AggregateMatcher instead of explicitly listing multiple matchers.
• Duo Keys: Updated detector to use an AggregateMatcher instead of explicitly listing multiple matchers.
• Azure Event Grid Access Key: Updated Azure Event Grid Access Key With Host detector to use an AggregateMatcher instead of explicitly listing multiple matchers.

Analyzer Upgrades

• AWS IAM: Removed aws_iam analyzer as AWS IAM scope analysis is now performed by NHI integration with AWS.

Miscellaneous

• Added support for 883 new secret providers for improved incident prioritization on generic secrets.