Secret detectors are sets of rules to discover the presence of sensitive information, such as passwords, API keys, and other credentials, within container images. After discovering these secrets, you can mitigate the potential security risks associated with their accidental or intentional exposure within containers.
Secret detectors use regular expression patterns to identify potential secrets. These patterns may include commonly used keywords, specific formats for passwords or API keys, or other secret-related patterns. By matching these patterns against container images, configurations, or data, secret detectors flag the presence of secrets.
Currently, only system-defined detectors are available, and it is not possible to create new detectors. You can change the status and severity of the existing secret detectors.
Here, you can view the list of detectors available in your account. Currently, Qualys offers 85 Secret Detectors.
The detector summary shows the regular expression used for discovering secrets.
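The following added example (not Qualys code, and not the product's rule set) sketches how a regex-based detector with a status and a severity can be matched against the files in one image layer. The detector names, patterns, severity scale, and the sample layer are assumptions constructed for illustration.

```python
import io
import re
import tarfile
from dataclasses import dataclass

@dataclass
class Detector:
    name: str
    pattern: re.Pattern
    severity: int         # assumed scale: 1 (low) to 5 (critical)
    enabled: bool = True  # status; disabled detectors are skipped

# Illustrative detectors written for this example, not the product's rule set.
DETECTORS = [
    Detector("aws-access-key-id", re.compile(rb"\bAKIA[0-9A-Z]{16}\b"), 5),
    Detector("private-key-header", re.compile(rb"-----BEGIN [A-Z ]*PRIVATE KEY-----"), 5),
    Detector("password-assignment",
             re.compile(rb"(?i)\bpassword\s*[=:]\s*['\"]?[^\s'\"]{8,}"), 3, enabled=False),
]

def scan_layer(layer_tar, detectors=DETECTORS, max_size=1 << 20):
    """Return (path, line, detector, severity) tuples for one layer tarball."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(layer_tar)) as tar:
        for member in tar:
            if not member.isfile() or member.size > max_size:
                continue  # skip dirs, links, devices and very large files
            data = tar.extractfile(member).read()
            for det in (d for d in detectors if d.enabled):
                for m in det.pattern.finditer(data):
                    line = data.count(b"\n", 0, m.start()) + 1
                    findings.append((member.name, line, det.name, det.severity))
    return sorted(findings, key=lambda f: (-f[3], f[0], f[1]))

def build_sample_layer():
    """Constructed layer: one file with sample secrets, one clean file."""
    files = {"app/.env": b"DEBUG=false\nAWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
                         b"password = 'hunter2hunter2'\n",
             "app/readme.txt": b"no secrets here\n"}
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()

if __name__ == "__main__":
    for finding in scan_layer(build_sample_layer()):
        print(finding)
```

With the password detector left disabled, only the access key ID on line 2 of `app/.env` is reported; enabling it adds a lower-severity finding on line 3, which shows how status and severity shape the results.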