Credentials & Secrets
Credentials & secrets hard-coded into code files (e.g. in GitHub) pose a risk if they are leaked or accessed via social engineering attacks. Leaked credentials & secrets can provide access to infrastructure, databases, and third-party APIs. Organizations with technology or product development teams typically use the Nightfall detectors listed under “network” and “other” above, plus custom detectors.

Detection Rule Template for Credentials & Secrets

Logical Operator: Flag as finding if ANY of these detectors are triggered
| Detector | Minimum Confidence | Minimum Threshold |
| --- | --- | --- |
| Cryptographic Key | Likely | 1 |
| API Key | Likely | 1 |
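How the template's three settings interact, as an added example that is not Nightfall's own code: it evaluates the rule over constructed findings. The five-level confidence scale, the `ALL` operator, the finding format and every function name are assumptions made for illustration; the page itself only states `ANY`, "Likely" and a threshold of 1.

```python
# Added illustration: evaluates the rule template above against constructed findings.
from collections import Counter

# Assumed ordered confidence scale; only "Likely" appears on the page.
CONFIDENCE = ["VERY_UNLIKELY", "UNLIKELY", "POSSIBLE", "LIKELY", "VERY_LIKELY"]

# The template from the table: detector -> (minimum confidence, minimum threshold).
RULE = {
    "logical_op": "ANY",
    "detectors": {
        "Cryptographic Key": ("LIKELY", 1),
        "API Key": ("LIKELY", 1),
    },
}


def triggered_detectors(rule, findings):
    """Return detectors whose qualifying finding count meets the threshold."""
    counts = Counter()
    for f in findings:
        spec = rule["detectors"].get(f["detector"])
        if spec is None:
            continue  # finding from a detector that is not part of this rule
        min_conf, _ = spec
        if CONFIDENCE.index(f["confidence"]) >= CONFIDENCE.index(min_conf):
            counts[f["detector"]] += 1
    return sorted(d for d, (_, threshold) in rule["detectors"].items()
                  if counts[d] >= threshold)


def rule_flags(rule, findings):
    """Apply the logical operator: ANY needs one detector, ALL (assumed) needs each."""
    hit = triggered_detectors(rule, findings)
    if rule["logical_op"] == "ANY":
        return bool(hit)
    return len(hit) == len(rule["detectors"])


# Constructed scanner output for two hypothetical files (not real findings).
CONFIG_PY = [
    {"detector": "API Key", "confidence": "POSSIBLE"},  # below Likely: not counted
    {"detector": "API Key", "confidence": "VERY_LIKELY"},
]
README_MD = [
    {"detector": "Cryptographic Key", "confidence": "UNLIKELY"},
    {"detector": "Email Address", "confidence": "VERY_LIKELY"},  # not in the rule
]

if __name__ == "__main__":
    print("config.py flagged:", rule_flags(RULE, CONFIG_PY))
    print("README.md flagged:", rule_flags(RULE, README_MD))
```

With a threshold of 1, a single match at or above "Likely" is enough to flag a file; matches below that confidence never count toward the threshold, however many there are.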