Secret Keyword

Bridgecrew Policy ID: BC_GIT_10
Severity: LOW

Secret Keyword


This check attempts to identify non-standard secrets by using standard keyword conventions used to annotate secrets in custom application code. The check utilizes the following keywords:


Fix - Buildtime

Multiples services

Step 1: Revoke Secret.

Step 2: Clean the git history.
Go under the settings section of your GitHub project and chose the change visibility button at the bottom.

Step 3: Check your application access logs to ensure the key was not utilized during the compromised period.