Sensitive Data & Secrets patterns
This feature is only available under feature flag to Design Partners.
Sensitive data and secrets patterns are essential components of Escape's Inventory, designed to detect and manage potential data exposures across various platforms and environments. This section explains how these patterns function and their role in securing sensitive information.
Overview of Scalars
Scalars, or sensitive data and secrets patterns, operate by scanning and validating data within the specified exploration scope. They are critical for identifying and mitigating risks associated with:
- Frontend Leaks: Detection of sensitive data inadvertently exposed in frontend applications.
- API Leaks: Identification of secrets or sensitive information that may be exposed through APIs.
- Repository Leaks: Comprehensive scanning of repositories, including commit histories, to uncover any embedded secrets or sensitive data that should not be publicly accessible.
Preconfigured Scalars
Currently, scalars are preconfigured to cover a wide range of common sensitive data and secret types, ensuring robust detection capabilities right out of the box. These include but are not limited to API keys, passwords, and secure tokens. The specific details of these preconfigured scalars can be found in the Scalar Section of the documentation.
Future Customization Options
Customization of sensitive data and secrets patterns is a feature currently under development and is expected to be available soon. This will allow users to tailor the scalars to better fit their specific security needs.
Importance of Sensitive Data & Secrets patterns
Implementing sensitive data and secrets patterns is crucial for maintaining the integrity and confidentiality of an organization's data assets. By proactively identifying and addressing potential leaks, organizations can prevent significant security incidents and comply with regulatory requirements that mandate the protection of sensitive information.
In conclusion, while the current scalars are effectively safeguarding assets with preconfigured settings, the forthcoming customization capabilities will enhance this protection by providing organizations with the flexibility to adapt patterns as their security landscapes evolve.