Secret Scanning
GitHub Secret Scanning is a security feature designed to identify and address exposed secrets, such as passwords or tokens. The process systematically scans commits, pull requests, and the entire Git history. GitHub Secret Scanning is enabled by default for all repositories within the Allianz GitHub organization.
By default, GitHub Secret Scanning supports a wide range of secret types, including those for Azure, AWS, Atlassian, and others. For a detailed list, refer to the GitHub documentation.
Additional secret types can be added by configuring custom secret patterns. To register secret patterns not supported by GitHub, please send an email to [email protected].
In the event that GitHub Secret Scanning identifies exposed secrets, promptly take action to rotate or invalidate the compromised secret.