Machine Learning
Detecting secrets with high-quality results is a challenging and intricate task. To enhance our detection engine, we opted to train various models to scrutinize code like a professional developer and pinpoint false positives or enrich generic secrets (coming soon).
False Positive Remover
Only workspaces with a Business plan can access this functionality.
When it comes to avoiding false positives, we've pushed imperative programming and regular expressions to their limits. It is simply not possible to write conditions or regular expression patterns for every potential scenario.
To overcome this technological constraint, we use machine learning: models are trained to navigate this complex domain quickly and efficiently and to identify the elements we are looking for.
False Positive Remover is an internally developed and trained model, independent of third-party services, that accurately identifies and labels incidents as 'false positives' through its thorough analysis.
How to use it?
You can improve your workflow by using the Filters > Tags > False Positive filter located in the incidents list page.
This filter allows you to easily identify and manage false positive incidents, helping you streamline your incident resolution process.
FAQ
What does this model consider as "False positive"?
Something that cannot be a secret in any context.
In the example below, the line "signup_form_confirm_password": " Confirmar contrasinal" looks like a true positive to a regex, but not to our model, which analyzes the context (the lines before and after).
{
"signup_form_username": "Identificador",
"signup_form_password": "Contrasinal",
"signup_form_confirm_password": " Confirmar contrasinal", <- a regex may consider this a true positive, not our model.
"signup_form_button_submit": "Crear conta",
}
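The contrast described above, as an added example that is not the product's model or code: a generic-secret regex flags the translation line, while a simple check over the neighbouring lines dismisses it. The regex, the two-line window and the "reads as prose" heuristic are assumptions standing in for what a trained model learns from context, and both samples are constructed.

```python
import re

# Constructed sample 1: the translation file from the FAQ above.
SAMPLE = [
    '{',
    '"signup_form_username": "Identificador",',
    '"signup_form_password": "Contrasinal",',
    '"signup_form_confirm_password": " Confirmar contrasinal",',
    '"signup_form_button_submit": "Crear conta",',
    '}',
]

# Constructed sample 2: a config fragment with a credential-shaped value.
CONFIG = [
    '"db_host": "db.internal.example",',
    '"db_password": "s3cr3t-Xy9!kLm2#Qw8zT",',
    '"db_port": "5432",',
]

# Hypothetical generic rule: key mentions "password", value is 16+ characters.
NAIVE = re.compile(r'"[^"]*password[^"]*"\s*:\s*"([^"]{16,})"', re.IGNORECASE)
KV = re.compile(r'"([^"]+)"\s*:\s*"([^"]*)"')


def looks_like_prose(value):
    """Letters and spaces only: reads as a UI label, not as a credential."""
    v = value.strip()
    return bool(v) and all(c.isalpha() or c.isspace() for c in v)


def regex_hits(lines):
    """Indices of lines the context-free regex reports as secrets."""
    return [i for i, line in enumerate(lines) if NAIVE.search(line)]


def context_filtered_hits(lines, window=2):
    """Keep a hit unless every value within `window` lines reads as prose."""
    kept = []
    for i in regex_hits(lines):
        ctx = lines[max(0, i - window): i + window + 1]
        values = [m.group(2) for m in map(KV.search, ctx) if m]
        if not all(looks_like_prose(v) for v in values):
            kept.append(i)
    return kept


if __name__ == "__main__":
    for name, lines in (("translations", SAMPLE), ("config", CONFIG)):
        print(name, "regex:", regex_hits(lines), "with context:", context_filtered_hits(lines))
```
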
If these are false positives, why don't you just remove them?
During beta, we will safely evaluate the accuracy of the model before potentially using it to remove all false positives upfront.
Are you catching all the false positives I have?
We estimate that in v1 the model can detect 50% of your false positives, on average. We focus on being as accurate as possible and will try to improve our recall over time.