
first edits

This commit is contained in:
Anne-Marie
2024-09-23 16:18:33 +00:00
parent 53a81cdde7
commit e8b9cebfdf
4 changed files with 30 additions and 6 deletions


@@ -22,7 +22,7 @@ allowTitleToDifferFromFilename: true
There are some additional features that can help you to evaluate alerts in order to better prioritize and manage them. You can:
* Check the validity of a secret, to see if the secret is still active. {% ifversion fpt or ghes %}**Applies to {% data variables.product.company_short %} tokens only**.{% endif %} For more information, see "[Checking a secret's validity](#checking-a-secrets-validity)."{% ifversion secret-scanning-validity-check-partner-patterns %}
* Perform an "on-demand" validity check, to get the most up to date validation status. For more information, see "[Performing an on-demand-validity-check](#performing-an-on-demand-validity-check)."{% endif %}
* Perform an "on-demand" validity check, to get the most up to date validation status. For more information, see "[Performing an on-demand validity check](#performing-an-on-demand-validity-check)."{% endif %}
* Review a token's metadata. **Applies to {% data variables.product.company_short %} tokens only**. For example, to see when the token was last used. For more information, see "[Reviewing {% data variables.product.company_short %} token metadata](#reviewing-github-token-metadata)."{% ifversion secret-scanning-multi-repo-public-leak %}
* Review the labels assigned to the alert. For more information, see "[Reviewing alert labels](#reviewing-alert-labels)."{% endif %}
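Review bot: The replacement link text on the "on-demand" validity bullet now reads "Performing an on-demand validity check", so please confirm the section heading later in this same file is spelled exactly that way, otherwise the `#performing-an-on-demand-validity-check` anchor will not resolve. Two smaller points on the same line: "up to date validation status" should be hyphenated as "up-to-date validation status" since it is a compound modifier, and the trailing `{% endif %}` must stay on this line because it closes the `{% ifversion secret-scanning-validity-check-partner-patterns %}` opened at the end of the preceding bullet; removing or moving it would leave that conditional unclosed.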


@@ -19,18 +19,36 @@ allowTitleToDifferFromFilename: true
## Fixing alerts
Once a secret has been committed to a repository, you should consider the secret compromised. {% data variables.product.prodname_dotcom %} recommends the following actions for compromised secrets:
Once a secret has been committed to a repository, you should consider the secret compromised. {% data variables.product.github %} recommends the following actions for compromised secrets:
* For a compromised {% data variables.product.prodname_dotcom %} {% data variables.product.pat_generic %}, delete the compromised token, create a new token, and update any services that use the old token. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."
* For a compromised {% data variables.product.github %} {% data variables.product.pat_generic %}:
{% ifversion secret-scanning-report-secret-github-pat %}
* Report the leaked token to {% data variables.product.github %}. {% data variables.product.github %} will then automatically revoke the token. For more information, see "[Reporting a leaked secret](#reporting-a-leaked-secret)."
* Update any services that use the old token.{% else %}
* Delete the compromised token, create a new token, and update any services that use the old token. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."{% endif %}
{%- ifversion token-audit-log %}
* {% ifversion ghec %}If your organization is owned by an enterprise account, identify{% else %}Identify{% endif %} any actions taken by the compromised token on your enterprise's resources. For more information, see "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token)."
{%- endif %}
* For all other secrets, first verify that the secret committed to {% data variables.product.product_name %} is valid. If so, create a new secret, update any services that use the old secret, and then delete the old secret.
{% ifversion fpt or ghec %}
* For all other secrets:
* First verify that the secret committed to {% data variables.product.product_name %} is valid. {% ifversion secret-scanning-validity-check-partner-patterns %}For more information, see "[Performing an on-demand validity check](/code-security/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts#performing-an-on-demand-validity-check).{% endif %}
* If the secret is valid, create a new secret, update any services that use the old secret, and then delete the old secret.
{% ifversion fpt or ghec %}
> [!NOTE]
> If a secret is detected in a public repository on {% data variables.product.github %} and the secret also matches a partner pattern, an alert is generated and the potential secret is reported to the service provider. For details of partner patterns, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)."
{% endif %}
{% ifversion secret-scanning-report-secret-github-pat %}
### Reporting a leaked secret
> [!NOTE]
> If a secret is detected in a public repository on {% data variables.product.prodname_dotcom %} and the secret also matches a partner pattern, an alert is generated and the potential secret is reported to the service provider. For details of partner patterns, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)."
> {% data reusables.secret-scanning.report-secret-pat-beta-note %} The feature is currently only available for {% data variables.product.github %} {% data variables.product.pat_generic %}s (v1 and v2).
TODO
{% endif %}
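Review bot: The `{% ifversion fpt or ghec %}` inserted just before "* For all other secrets:" has no matching `{% endif %}` anywhere in this hunk: the only `{% endif %}` before the "Reporting a leaked secret" block closes the second `{% ifversion fpt or ghec %}` that already wraps the NOTE, and the final `{% endif %}` closes `secret-scanning-report-secret-github-pat`. As written this either fails Liquid rendering or silently hides the "all other secrets" guidance on GHES, which the removed unconditional bullet used to cover; drop that stray line so the bullet renders on every version. Same region: the added sub-bullet ends with `(...#performing-an-on-demand-validity-check).{% endif %}` and is missing the closing `"` after the period that every other "For more information, see "..."" link in this list carries. That sub-bullet also still uses `{% data variables.product.product_name %}` while the rest of the hunk was migrated from `prodname_dotcom` to `{% data variables.product.github %}`; pick one consistently. Finally, the new "### Reporting a leaked secret" section ships with a bare `TODO` as its body under the beta note; if this is intentionally a first pass, keep it out of the published branch until the procedure text lands.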