Merge branch 'russell/improve-sd-docs-1' into 'master'

Improve introduction to Secret Detection See merge request gitlab-org/gitlab!75312

Merge branch 'russell/improve-sd-docs-1' into 'master'
Improve introduction to Secret Detection See merge request gitlab-org/gitlab!75312
d2cd17e6 · Kati Paizee · 84b7184e · 6dafc0e8 · d2cd17e6
Commit d2cd17e6 authored Dec 31, 2021 by Kati Paizee
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 21 deletions

doc/user/application_security/secret_detection/index.md doc/user/application_security/secret_detection/index.md +17 -21

No files found.
--- a/doc/user/application_security/secret_detection/index.md
+++ b/doc/user/application_security/secret_detection/index.md
@@ -8,35 +8,31 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 > [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/222788) from GitLab Ultimate to GitLab Free in 13.3.

-A recurring problem when developing applications is that developers may unintentionally commit
-secrets and credentials to their remote repositories. If other people have access to the source,
-or if the project is public, the sensitive information is then exposed and can be leveraged by
-malicious users to gain access to resources like deployment environments.
+A recurring problem when developing applications is that people may accidentally commit secrets to
+their remote Git repositories. Secrets include keys, passwords, API tokens, and other sensitive
+information. Anyone with access to the repository could use the secrets for malicious purposes.
+Secrets exposed in this way must be treated as compromised, and be replaced, which can be costly.
+It's important to prevent secrets from being committed to a Git repository.

-GitLab includes a check called Secret Detection. It scans the content of the repository
-to find API keys and other information that should not be there.
+Secret Detection uses the [Gitleaks](https://github.com/zricethezav/gitleaks) tool to scan the
+repository for secrets. All identified secrets are reported in the:

-GitLab displays identified secrets visibly in a few places:
-
- [Security Dashboard](../security_dashboard/)
+- Merge request widget
 - Pipelines' **Security** tab
- Report in the merge request widget
+- [Security Dashboard](../security_dashboard/)

 ![Secret Detection in merge request widget](img/secret_detection_v13_2.png)

-## Use cases
-
- Detecting unintentional commit of secrets like keys, passwords, and API tokens.
- Performing a single or recurring scan of the full history of your repository for secrets.
-
-## Supported secrets
+WARNING:
+Secret Detection does not support scanning binary files.

-Secret Detection detects a variety of common secrets by default. You can also customize the secret detection patterns using [custom rulesets](#custom-rulesets).
-The [default ruleset](https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/blob/master/gitleaks.toml) includes **90+ secret detection patterns**.
-You can contribute "well-identifiable" secrets by follow the steps detailed in the [community contributions guidelines](https://gitlab.com/gitlab-org/gitlab/-/issues/345453).
+## Detected secrets

-WARNING:
-Gitleaks does not support scanning binary files.
+Secret Detection uses a [default ruleset](https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/blob/master/gitleaks.toml)
+containing more than 90 secret detection patterns. You can also customize the secret detection
+patterns using [custom rulesets](#custom-rulesets). If you want to contribute rulesets for
+"well-identifiable" secrets, follow the steps detailed in the
+[community contributions guidelines](https://gitlab.com/gitlab-org/gitlab/-/issues/345453).

 ## Requirements