Knowledge Base
SailPoint Entro Knowledge Base articles for product capabilities, risks, remediation, and operational guidance.
Secret Scanning
- Secret Scanning
- Summary
- Coverage
- Supported secrets
- Validity Status & Triage
- Configurations
- Additional features
- Remediation
- Secret rotation
- Azure DevOps PAT
- Atlassian API Key
- AWS Access Key
- Azure Storage Access Key
- Azure App Registration Client Secret (Entra)
- Teams Webhooks
- GCP Service Account Key
- Google API Key
- OpenAI API Key
- GitHub Personal Access Token
- Gitlab Personal Access Token
- Mitigation guidelines
- Pre-commit Hooks
- Gitlab Code Commit
- GitHub Code Commit
- GitHub Action Log
- GitHub Pull Request
- Bitbucket
- Slack Messages
- Microsoft Teams
- AWS Lambda
- AWS Parameter Store
- Azure Functions
- GCP Functions
- Sharepoint
- Confluence
- Jira tickets
- SMB File Share
Shift Left
- Shift Left
- SailPoint Entro API Secret Scanner
- SailPoint Entro CLI & Pre-Commit hook
- Manual Git Hooks
- GitLab
- GitHub
- BitBucket
- DevGuard
Non-Human-Identity
- Non-Human-Identity
- NHI Tokens coverage
- NHI Ownership Attribution
- NHI Lineage Map
- Zero Trust
- NHI Permissions Level
Vault Management
Threats and Risks
- Threats and Risks
- Risks
- Exposed Secrets
- Consolidated risk for the same exposed secret
- Cleartext exposed secrets
- Exposed Secrets Goldmine
- The same secret is exposed in multiple locations
- Abnormal Behavior
- NHI Token access to restricted services
- Secret revealed by human actor
- Previously inactive token is now active again
- Previously disabled token has been reactivated
- Production secret is fetched by script
- Production secret is fetched by IDE
- Production token is used by IDE client
- Idle identity fetched a secret
- Secret/Token activity from restricted location
- Vault Dump
- NHI Token Used by Multiple Devices
- Least Privilege
- Cross account privilege escalation via AWS Role
- ACL Permissions over secret
- Excessive unused token permissions
- External accounts can read your secrets
- Monitoring
- Secret Hygiene
- Secret Rotation
- Token Rotation
- Stale (Idle) Secret/Token
- Active/Idle NHI Token is about to be expired
- Misconfiguration
- Misplaced Secret
- Former Employee Token is Enabled
- Human account with service account attributes
- Playbook
Employee Identity
Remediation
SailPoint Entro Connector
Management
Automation, SOAR and SIEM
- Automation, SOAR and SIEM
- Platforms
- Webhooks
- AWS Lambda
- Azure Logic Apps
- Google SecOps SIEM
- Google SecOps SOAR
- Jira Automation
- ServiceNow
- Splunk
- Workato
- Sumo Logic (Log Analytics) - WIP
- Tines