2 posts tagged with "prioritization"

Secret Enricher - From Generic to Actionable

Release Date: December 17, 2025

We're transforming how you interact with generic incidents. Secret Enricher replaces vague detector names with precise, ML-enriched secret identities, making every incident immediately actionable.

What's changed?

Instead of seeing generic detector names like "Generic Database Assignment" or "Generic High Entropy Secret," you now see the actual enriched secret type directly in the incident list:

  • ❌ Before: "Generic Database Assignment"

  • ✅ Now: "Redis Identifiers", "PostgreSQL Connection String", "MongoDB Credentials"

  • ❌ Before: "Generic High Entropy Secret"

  • ✅ Now: "Stripe API Key", "AWS Access Key", "Twilio Auth Token"

Why does this matter?

This shift from detector-centric to enrichment-driven incidents fundamentally changes how you understand and prioritize your security posture:

  1. Instant Context: Know exactly what type of secret leaked at a glance—no need to open each incident
  2. Faster Triage: Immediately identify critical infrastructure secrets (databases, cloud providers, payment systems)
  3. Confident Prioritization: Clear secret categories help you focus on high-impact incidents first
  4. Accelerated Remediation: Understanding what leaked speeds up the remediation workflow

How it works

Powered by our Secret Enricher v2 machine learning model, the platform analyzes the full context around generic secrets to identify:

  • Provider: The specific service (Redis, Stripe, AWS, etc.)
  • Category: The type of service (Database, Payment System, Cloud Provider, etc.)
  • Family: Broader grouping for filtering and analysis

When our ML model successfully enriches a generic incident, the enriched name automatically becomes the primary display name throughout the platform—in incident lists, dashboards, filters, and reports.

What's next?

This enhancement brings us closer to our ultimate goal: zero generic secrets in your workspace. By making ML-driven categorization tangible and actionable, we're ensuring every secret detection provides maximum clarity and definition.

The enriched names work seamlessly with all existing Secret Enricher features:

Learn more about Secret Enricher


Enhancements

  • Incident API: Enhanced incident retrieval endpoints to include enriched secret names in API responses for programmatic access.
  • Export Reports: CSV and JSON exports now include both the original detector name and enriched secret name for comprehensive reporting.

Fixes

  • Docker Hub Integration: Fixed an error where users encountered "Input should be 'image' or 'manifest'" when configuring the Docker Hub source connector.

Explore and prioritize your Generic Incidents

Release Date: March 10, 2025

We are excited to unveil the "Generic Secret Enricher V1", a machine learning model designed to enhance our capabilities in generic secret detection. This innovative model analyzes the entire context of a document, identifying the company and category associated with a secret, thereby providing meaningful insights to help users understand the origin and type of a discovered secret.

New Features

  • Contextual Analysis: Upon detection of a generic secret, our platform analyzes the full document context to determine the associated provider or category of a secret.

  • Efficient Classification: This feature reduces the need for manual classification, enabling users to quickly comprehend the source and nature of a discovered generic secret.

  • New Filters: We've introduced three new filters - Provider, Category, Family - to help identify critical generic incidents. To use these, filter your incidents by the "Generic" type, then apply a combination of these filters.

Goals

Our long-term goal is to provide you with actionable insights, help you prioritize your generic incidents, and improve your remediation efforts.

Usage

To use the new filters, simply filter your incidents by the "Generic" type, then apply a combination of the Provider, Category, and Family filters. This will help you identify the most significant or critical generic incidents, such as those classified under "Data Storage" or linked to the provider "Postgresql".

Fixes

  • Jira Cloud Issue Tracking Integration: Resolved an issue where integration entered an invalid state after being uninstalled.
  • Microsoft Teams Alerts for Security Incidents: Resolved an issue where the wrong team was displayed during configuration.