GitHub announces free secret scanning for all public repositories

Share post:

GitHub has announced that Secret Scanning will be available for free to public repository users.

Secret Scanning, which scans repositories and checks for accidentally committed secrets (authentication tokens, API keys, private keys, and so on), has long been available as an option for GitHub Advanced Security, but it was only available to organizations using GitHub Enterprise Cloud with a GitHub Advanced Security license.

Secret Scanning was announced by GitHub as a beta in May 2020, but it is considered a mechanism to invalidate codes and notify alerts via the Secret Scanning Partner Program. To prevent the misuse of authentication tokens, it supports over 200 secret patterns and has detected over 1.7 million potential secrets this year 2022. We will begin deploying the public beta to some users today, but for the time being, it is best to try to activate it by referring to the official document. By the end of January 2023, it will also be available to all GitHub users.

Secret scanning is an additional repository scanning security option that organisations can enable to detect accidental exposure of known types of secrets. It works by matching patterns provided by partners and service providers, as well as patterns defined by the organization. Each match is reported as a security alert in the repos’ Security tab or to partners if it is triggered by a partner pattern.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs



Related articles

EFF expresses concern over proposed United States Patent and Trademark Office’s rules

The Electronic Frontier Foundation (EFF), a digital rights advocate organization, has expressed its dissatisfaction with the United States...

Reddit communities to go private in protest of new API pricing

Reddit communities like r/videos, r/reactiongifs, r/earthporn, and r/lifeprotips, will be going private for 48 hours from June 12th...

Apple unveils Vision Pro mixed reality headset

Apple has released the Vision Pro, an advanced mixed reality headset that combines augmented and virtual reality seamlessly. The...

Meta unveils Meta Quest 3 headset

In an Instagram post, Meta announced the forthcoming release of the Meta Quest 3 headset. Meta claimed to be...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways