Secret scanning validity checks now included in the alert timeline
GitHub secret scanning lets you know if your secret is active or inactive with partner validity checks. These checks are run on an ongoing basis for supported providers for any…
Secret scanning will now continually run validity checks on closed alerts, similarly to the behavior for open alerts today. You can still request on-demand checks for supported secret types from…
Secret scanning has recently expanded coverage to GitHub discussions and pull requests. GitHub is now performing a backfill scan, which will detect any historically existing secrets found in GitHub discussions…
GitHub secret scanning now supports validity checks for Google Cloud Platform (GCP) account credentials and Slack webhooks. This improvement involves changes to how account credentials for GCP are detected and…
Secret scanning is expanding coverage to GitHub wiki content. If secret scanning is enabled for your repository, you’ll automatically begin to receive alerts for newly introduced secrets found in your…
Secret scanning is extending validity check support to Mailgun (mailgun_api_key) and Mailchimp (mailchimp_api_key) API keys. Validity checks indicate if the leaked credentials are active and could still be exploited. If…
The secret_scanning_alert webhook is sent for activity related to secret scanning alerts. Secret scanning webhooks now support validity checks, so you can keep track of changes to validity status. Changes…
Secret scanning is extending validity check support to several additional token types. Validity checks indicate if the leaked credentials are active and could still be exploited. If you’ve previously enabled…
Users of secret scanning will now receive alerts for any new secrets exposed in a pull request’s title, description, or comments (including reviews). Alerts can be viewed within the UI…
GitHub Advanced Security users can now use the REST API to enable or disable secret scanning validity checks for a repository, organization, or enterprise. Validity checks retrieve a status for…
GitHub Advanced Security users can now filter their secret scanning alerts by validity in the UI at the repository, organization, and enterprise level. Valid statuses are active, inactive, or unknown.…
GitHub Advanced Security users can now use the REST API to retrieve the validity status of a secret scanning token and retrieve all tokens of a particular validity status. The…
GitHub Advanced Security customers that have validity checks enabled for secret scanning will see the validation status for the following Discord tokens: discord_api_token_v2, discord_bot_token. View our supported secrets documentation to…
Secret scanning now performs validity checks for select AWS, Microsoft, Google, and Slack tokens.
GitHub Advanced Security customers that have validity checks enabled will see the validation status for select AWS, Google, Microsoft, and Slack tokens on the alert. The following tokens are supported:…
Users with secret scanning enabled on their free public repositories will now receive alerts for any potential secrets exposed in an issue’s title, description, or comments, including historical revisions. Alerts…
GitHub Advanced Security customers can now perform on-demand validity checks for supported partner patterns, and the alert index view now shows if a secret is active. This builds on our…
Secret scanning alerts are now generally available for all public repositories. Admins can now turn on the alert experience with one click.
GitHub, the Rust Foundation, and the Rust Project are collaborating to help protect you from leaked crates.io keys. From today, GitHub will scan every commit to a public repository for…
GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud. We have partnered…
Previously, only organizations with GitHub Advanced Security could enable secret scanning’s user experience on their repositories. Now, any admin of a public repository on GitHub.com can detect leaked secrets in…