Sometimes the GitGuardian secrets detection engine can seem like a mysterious black box, but in reality, it is a huge collection of independent detectors that are being constantly maintained by our dedicated Secrets Team. This team has been working hard since the beginning of the year to ensure your code is protected with the most updated secrets detection capabilities available and today we are happy to be able to share some of these updates with you.

Secrets detection is a very difficult problem to solve, partly because there are a huge number of different types of secrets all with unique characteristics, and partly because secrets are probabilistic in nature, meaning it is impossible to be 100% certain any particular secret is a true positive.

Learn more about how GitGuardian detects secrets

To ensure we provide you with the best coverage of protection, we create individual algorithms for each secret that we call detectors. Recently we detailed exactly how these individual detectors work using the MongoDB credentials as an example. Currently, we have over 250 detectors and this year we have been working at not only updating these but also adding brand new detectors.

In the first 3 months of 2021 we have added 16 new detectors in addition to continuing improvements to the existing detectors. We are excited to share these updates with you as part of our ongoing campaign to lift the lid on the black box that is secrets detection.

New Specific Detectors

New Generic Detectors

In addition to the 14 new detectors above, we also added two new generic category detectors. These are detectors that are not for specific services but to detect secrets that are not covered by a specific detector. These are turned OFF by default in the GitGuardian dashboard.

A quick reminder that you can view and control what detectors are turned on from your GitGuardian Dashboard under settings.