Detection Engine Updates Version 2.153
Release Date: December 05, 2025
This release introduces 6 new detectors with comprehensive coverage for cloud services and databases, significant Rust migration for pattern matching performance, and support for 883 new secret providers.
New Detectors and Checkers
- HighLevel Private Integration Token: Added a detector and checker for HighLevel Private Integration Token.
- Elastic API Key: Added a detector and checker for Elastic API keys.
- Google Cloud Keys: Added a detector and checker for Google Cloud Keys in base64 format.
- Socket Dev API Key: Added a detector and checker for Socket Dev API keys.
- Upstash Redis Credentials: Added a detector and checker for Upstash Redis credentials.
- Vapid Key: Added a new detector for Vapid keys.
New Checkers
- Oracle Credentials: Added a new checker for Oracle credentials.
Detector Improvements
- Cloudflare API Credentials: Updated checker to work with multiple types of tokens.
- MySQL Credentials: Enhanced recall of MySQL Assignment detector by removing the constraint on the prefix.
- GitLab Token: Updated gitlab_personal_token_v2 to cover new patterns.
- Fireworks AI API Key: Updated detector regex to improve recall.
- JSON Web Token: Fixed detector crashing if the expiration date was set to "inf".
- SSH Credentials: Updated SSH password detector to use an AggregateMatcher instead of explicitly listing multiple matchers.
- Duo Keys: Updated detector to use an AggregateMatcher instead of explicitly listing multiple matchers.
- Azure Event Grid Access Key: Updated Azure Event Grid Access Key With Host detector to use an AggregateMatcher instead of explicitly listing multiple matchers.
Analyzer Upgrades
- AWS IAM: Removed aws_iam analyzer as AWS IAM scope analysis is now performed by NHI integration with AWS.
Miscellaneous
- Added support for 883 new secret providers for improved incident prioritization on generic secrets.
