Adding Datadog secrets checks for all regions #2265
Labels
Comments
zricethezav
added
help wanted
contributions welcomed
|
Seems like a legit concern. We'll happily accept PRs for this issue |
simonwhitaker
added a commit
to simonwhitaker/trufflehog
that referenced
this issue
Feb 25, 2024
2 tasks
simonwhitaker
added a commit
to simonwhitaker/trufflehog
that referenced
this issue
Feb 25, 2024
@zricethezav You can find a proposed fix here: #2510 |
zricethezav
pushed a commit
that referenced
this issue
Feb 28, 2024
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Please review the Community Note before submitting
Description
Being able to check for valid datadog keys on all regions
Preferred Solution
Sending an API check on every region or configure a specific region check to validate if it's a false positive or not. Right now it only checks the US1.
Additional Context
Checking only in the US1 region can lead to false true positives. Keys can be valid and just marked as false positives and nobody bothers to check them, since they're unverified (maybe old keys).
References
https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/datadogtoken/datadogtoken.go
US1 region: https://api.datadoghq.com
US3 region: https://api.us3.datadoghq.com
US5 region: https://api.us5.datadoghq.com
EU region: https://api.datadoghq.eu
AP1 region: https://api.ap1.datadoghq.com
US1-FED region: https://api.ddog-gov.com
The text was updated successfully, but these errors were encountered: