What is a Secret vs a Violation?
Explore the difference between a Secret and a Violation in the Nightfall for GitHub console.
What is a Secret?
A Secret is a unique literal string, token, or fragment that Nightfall detects. For example, “api_key_abcd” or “password123” could be considered two distinct Secrets. Every instance or appearance of “password123” across code repos corresponds to the same Secret.
What is a Violation?
A Violation is a single instance of a Secret being discovered that violates the DLP policy associated with your GitHub account. For example, if “password123” is the Secret and it appears in 5 different commits, that corresponds to 5 distinct Violations.
Why do I see multiple Violations of the same Secret?
Git tracks the full history of a code repository across commits and branches. This means that a Secret (e.g. “password123”) can proliferate across many different branches, files, and/or commits. Remediating or removing a single instance of the Secret in one commit may provide a false sense of security, since the Secret is still available elsewhere throughout the repo. Nightfall for GitHub intentionally produces a unique Violation per instance of a Secret across your code base, so that you can hunt down every instance of the Secret and reduce the chance of compromised credentials.
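The counting rule described above, as an added example that is not Nightfall's code: a toy scanner over a constructed commit history (each commit represented by the lines it added), using a simplified key=value regex as a stand-in for Nightfall's detectors. Equal literals collapse into one Secret, every occurrence becomes its own Violation, and `remaining_exposure` shows why fixing a single instance leaves the Secret exposed.

```python
import re
from dataclasses import dataclass, field

# Simplified stand-in for a detector (assumption, not Nightfall's rules):
# a key named password/api_key/token followed by a literal value.
SECRET_RE = re.compile(r"(?i)\b(?:api_key|password|token)\s*=\s*['\"]?([A-Za-z0-9_\-]{6,})")

@dataclass(frozen=True)
class Violation:
    """One instance of a Secret: where it was found."""
    commit: str
    path: str
    line: int

@dataclass
class Secret:
    """The unique literal; all of its instances hang off it."""
    literal: str
    violations: list = field(default_factory=list)

def scan_history(commits):
    """commits: list of (commit_id, {path: text the commit added}).
    Returns {literal: Secret}: equal literals collapse into one Secret,
    and every occurrence becomes its own Violation."""
    secrets = {}
    for commit, files in commits:
        for path, added in files.items():
            for lineno, text in enumerate(added.splitlines(), 1):
                for m in SECRET_RE.finditer(text):
                    secret = secrets.setdefault(m.group(1), Secret(m.group(1)))
                    secret.violations.append(Violation(commit, path, lineno))
    return secrets

def remaining_exposure(secrets, literal, remediated):
    """Violations of `literal` still open after fixing the (commit, path)
    pairs in `remediated`: closing one instance does not close the rest."""
    return [v for v in secrets[literal].violations
            if (v.commit, v.path) not in remediated]

# Constructed history: the same literal is added in three commits, and one
# commit (c3) replaces it in config.py without touching the other copies.
HISTORY = [
    ("c1", {"config.py": "PASSWORD = 'password123'\n"}),
    ("c2", {"deploy.sh": "export API_KEY=api_key_abcd\npassword=password123\n"}),
    ("c3", {"config.py": "PASSWORD = os.environ['PASSWORD']\n"}),
    ("c4", {"notes.txt": "token=password123  # copied from config.py\n"}),
]
```

Running `scan_history(HISTORY)` yields two Secrets, with “password123” carrying three Violations (c1, c2, c4); `remaining_exposure(found, "password123", {("c1", "config.py")})` still returns the two other instances.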
