Checkov calculates entropy levels using a Shannon entropy calculator. Entropy matters for keys because the amount of information needed to determine an unknown key affects how difficult the key is to crack. If a high-entropy string is detected, the string is printed to the screen.
This check scans the branch and evaluates the Shannon entropy for both the base64 character set for every blob of text.
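The calculation described above, as an added example (not Checkov's own code): it extracts runs of base64-alphabet characters from each line and reports those whose Shannon entropy exceeds a threshold. The 20-character minimum, the 4.5 bits-per-character threshold and the function names are assumptions chosen for illustration.

```python
import math
import re
from collections import Counter

# Assumed values for illustration; not Checkov's actual settings.
MIN_LENGTH = 20   # ignore short runs, which are too noisy to score
THRESHOLD = 4.5   # bits per character

# Runs of characters drawn from the base64 alphabet.
TOKEN_RE = re.compile(r"[A-Za-z0-9+/=]{%d,}" % MIN_LENGTH)


def shannon_entropy(data: str) -> float:
    """Return H = -sum(p * log2(p)) over the characters of data, in bits per character."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def find_high_entropy_strings(text: str, threshold: float = THRESHOLD):
    """Return (line_number, token, entropy) for each base64-charset run above threshold."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in TOKEN_RE.finditer(line):
            token = match.group(0)
            entropy = shannon_entropy(token)
            if entropy > threshold:
                findings.append((lineno, token, round(entropy, 2)))
    return findings


# Constructed sample input; the key value is random filler, not a real credential.
SAMPLE = """\
db_host = "database.internal.example.com"
comment = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
api_key = "q7Zx2LmP9vRt4KsW8yBn3HdF6jGc1UaE5oNi0TbV"
description = "thisisalongbutordinarylowercaseidentifier"
"""

if __name__ == "__main__":
    for lineno, token, entropy in find_high_entropy_strings(SAMPLE):
        print(f"line {lineno}: entropy {entropy} -> {token}")
```

Only the `api_key` value is reported: the repeated-character string scores 0 bits, and the long lowercase identifier uses too few distinct characters to reach the threshold.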
Step 1: Revoke the exposed secret.
Start by understanding what services were impacted and refer to the corresponding API documentation to learn how to revoke and rotate the secret.
Step 2: Clean the git history.
Go to the Settings section of your GitHub project and choose the Change visibility button at the bottom.
Step 3: Check any relevant access logs to ensure the key was not utilized during the compromised period.
Updated 2 months ago