Enhanced email incident alerting controls for members
Release Date: February 27, 2025
You can now manage email notification settings more effectively with an option that allow updates through the API, and customize account-level defaults, ensuring a more tailored communication experience for all members. Learn more
Secrets Detection Engine (v2.133)
Bringing enhanced accuracy and broader coverage:
- New Detectors
- OpenAI Project API Key (v2) – Added support for detecting the new format of OpenAI project API keys.
- OpenAI Admin API Key – New detection capability for OpenAI admin API keys.
- Netlify Token (v2) – Introduced detection for the latest version of Netlify tokens.
- 1Password Service Account Token – New detector added to identify 1Password service account tokens.
- DeepSeek API Key – Now detecting DeepSeek API keys.
- Improved Detection
- OpenAI Service Account – Expanded pattern coverage for better identification.
- Rails Master Key – Updated detection rules to minimize false positives.
- GitHub Tokens – Improved recall and validation for GitHub authentication tokens.
- Groq API Key – Enhanced detection rules for greater accuracy.
- Artifactory Token – New checker added to improve detection effectiveness.
- Generic Passwords – Excluded secrets containing
*****as they are likely false positives. - Dropbox Key – Detector group split into Dropbox Key and Dropbox Access Token for improved granularity.
- FCM API Key – Validity check is no longer available since the API has been removed. While we can no longer retrieve the validity status for FCM secrets, we still detect the keys.
Enhancements
- Jira Issue Tracking Integration:
- Added Incident ID as an optional variable in Jira ticket templates for improved customization.
- Enabled instant ticket creation in Jira without requiring a predefined template.
Fixes
- Users & Teams:
- Incidents: Resolved an issue where restricted users could not view the Vulnerable Sources block.
