Control: GitHub > Repository > Code Security > Secret Scanning

Secret scanning is a feature that automatically detects and alerts us of exposed secrets, such as API keys and credentials, in the repositories' code. It helps protect your systems from unauthorized access by identifying and notifying you about potentially leaked secrets.

Resource Types

This control targets the following resource types:

GitHub > Repository

Policies

The following policies can be used to configure this control:

GitHub > Repository > Code Security > Secret Scanning

In Your Workspace

Developers

Control Type URI

tmod:@turbot/github#/control/types/repositoryCodeSecuritySecretScanning

Category URI

tmod:@turbot/turbot#/control/categories/security

GraphQL

query controlType(id: "tmod:@turbot/github#/control/types/repositoryCodeSecuritySecretScanning") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/github#/control/types/repositoryCodeSecuritySecretScanning'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/github#/control/types/repositoryCodeSecuritySecretScanning"