GitHub secret scanning alert generated

This rule is part of a beta feature. To learn more, contact Support.
github-telemetry

Classification:

attack

Tactic:

TA0006-credential-access

Technique:

T1552-unsecured-credentials

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Goal

Detect when a GitHub scan detects a secret stored in a repository.

Strategy

Secret scanning is a security feature that helps detect and prevent the accidental inclusion of sensitive information such as API keys, passwords, tokens, and other secrets in your repository. When enabled, secret scanning scans commits in repositories for known types of secrets and alerts repository administrators upon detection.

Secret scanning scans your entire Git history on all branches present in your GitHub repository for secrets. GitHub will also periodically run a full Git history scan of existing content in public repositories where secret scanning is enabled.

If a scan results in a potential secret, Github generates a secret scanning alert to notify repository administrators.

Triage and response

  1. Determine if the detected secret is considered sensitive for your environment.
  2. If the publishing of the detected secret poses a risk to other systems, begin your incident response process and investigate.