Secrets incidents and policy breaks
GitGuardian monitors your perimeter for two types of incidents, hardcoded secrets and sensitive files (or extensions) checked in source control.
Please note that
Historical scansof your perimeter will only look for hardcoded secrets in your entire commit history. Checking for sensitive files will only apply starting from the moment you add your repositories to the GitGuardian perimeter (real-time protection only).
You can find the exhaustive list of GitGuardian secrets detectors in the settings of your workspace.
You can activate or deactivate secrets detectors on an individual basis to refine your focus on incidents.
The frequency of a secrets detector is the number of matched secrets per million of commits.
GitGuardian can monitor other security policies in order to help you cover more threats in your source code. Such as:
- Filenames policy
- File extensions policy
- .gitignore policy
What are Policies?
A policy is a rule enforced on your perimeter.
Policy break incidents are triggered when an event breaks the policy. Alerts are sent for each event that triggers one or more policy break incidents.
This policy ensures that files with certain filenames are not committed.
We have configured a default list of sensitive filenames that commonly represent files that may contain secrets. You can deactivate filenames from the list, but cannot add new filenames to monitor yet.
File extension policy
This policy ensures that files with certain extensions are not committed.
We have configured a default list of sensitive extensions that commonly represent files that may contain secrets. You can deactivate extensions from the list, but cannot add new extensions to monitor yet.
This policy ensures that all your git repositories have a
.gitignore file in their root directory.
This is an indirect security policy as it is the best way to ensure that your secret files are never committed.
A policy break incident is triggered if the file is missing the first time GitGuardian receives an event on the repository or if the file is deleted.
Policy break incidents
Managers of the dashboard can activate or deactivate the different policies in the settings section.
When activated, the policies create policy break incidents that you can find in the Incidents section of your dashboard. If you want to learn more about incidents, please have look at their documentation.