Detecting Secrets
Last updated
Last updated
Leaked secrets, such as credentials needed to authenticate and authorize a cloud provider’s API request, expose company software, services, infrastructure, and data to hackers.
Nightfall has developed technology to detect secrets and label findings to speed SecOPs workflows from being clogged and eliminate false positive alerts.
Nightfall uses machine learning models trained on a large (millions of lines of code) diverse dataset (including all programming languages and application types) to ensure best-in-class secret detection accuracy and coverage.
For a growing set of the most popular services, Nightfall will:
label detected secrets by vendor and service type (returned the kind
field of the response)
label detected secrets as active risks by validating supported credential types with their associated service endpoints (returned as the status
of the service)
Our current solution supports the following vendors covering a diverse set of use cases, including cloud storage/infrastructure, communication, social networks, software development, banking, observability, and payment processing.
This list is not static and will continue to grow as we add support for detecting API keys from additional services. If you want to detect API keys from a service not listed below, please contact us.
Below is an example of how an AWS Key would be shown in a finding.
The following values are returned for the status
field:
ACTIVE
EXPIRED
UNVERIFIED
This value will be based on what information is returned by the corresponding service when attempting the validate the key. If no data is returned fro the service, it will be considered UNVERIFIED
.
To use this functionality, you use our existing built-in API_KEY detector to scan a data source such as Git Repository. Below is an example using a detection rule defined in line for a text scan.
AWS
Azure
Confluence
Confluent
Datadog
ElasticSearch
GCP
Google API
GitHub
GitLab
JIRA
JWT
Nightfall
Notion
Okta
Paypal
Plaid
Postmark
Postman
RapidAPI
Salesforce
Sendgrid
Slack
Snyk
Splunk
Square
Stripe
Twilio
Zapier