STO: Add secret detection to set up scans section #9458
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://67b5d9089f480a57f90a768d--harness-developer.netlify.app |
|
|
||
| Secret Detection is a security testing practice that scans code repositories for exposed credentials, API keys, tokens, and other sensitive information. Detecting and addressing exposed secrets early helps prevent unauthorized access and security breaches. | ||
|
|
||
| With Harness Security Testing Orchestration (STO), you can perform Secret Detection using **[Gitleaks](/docs/security-testing-orchestration/sto-techref-category/gitleaks-scanner-reference)**, which is the only scanner currently supported for this scan type. STO applies its security orchestration features, such as results normalization, deduplication, and formatting findings into actionable insights. |
There was a problem hiding this comment.
Gitleaks is not the only one. We bucket Gitleaks under secret detection as its estially just 1 secret scanner.
But other SAST and SCA scanners also perform secret detection like semgrep, wiz, etc.
|
|
||
| ## Next steps | ||
|
|
||
| import ScanTypeNextSteps from '/docs/security-testing-orchestration/set-up-scans/shared/next-steps-for-scan-types.md'; |
There was a problem hiding this comment.
Next steps should also include - Create/manage Jira tickets
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Thanks for contributing to the Harness Developer Hub! Our code owners will review your submission.
Description
PR lifecycle
We aim to merge PRs within one week or less, but delays happen sometimes.
If your PR is open longer than two weeks without any human activity, please tag a code owner in a comment.
PRs must meet these requirements to be merged: