| Consolidated risk for secret exposure |
Exposed Secret |
All platforms |
Secrets Scanning |
| Cleartext secret in configuration |
Exposed Secret |
   |
Secrets Scanning |
| Cleartext secret exposed in CICD output |
Exposed Secret |
   |
Secrets Scanning |
| Cleartext secret exposed in collaboration platform |
Exposed Secret |
      |
Secrets Scanning |
| Hardcoded secret in code commit |
Exposed Secret |
   |
Secrets Scanning |
| Correlated token exposure |
Exposed Secret |
All platforms |
Secrets Scanning |
| Exposed secrets goldmine |
Exposed Secret |
All platforms |
Secrets Scanning |
| The same secret is exposed in multiple locations - Legacy |
Exposed Secret |
All platforms |
Secrets Scanning |
| Secret revealed by human actor |
Abnormal Behavior |
  |
Vault Security |
| Previously inactive token is active again |
Abnormal Behavior |
  |
NHI |
| Previously disabled token has been reactivated |
Abnormal Behavior |
  |
NHI |
| Production secret is fetched by script |
Abnormal Behavior |
  |
Vault Security |
| Production secret is fetched by IDE client |
Abnormal Behavior |
  |
Vault Security |
| Production token is used by IDE client |
Abnormal Behavior |
  |
NHI |
| Idle identity fetched a secret |
Abnormal Behavior |
 |
Vault Security |
| Secret was fetched by non-privileged position |
Abnormal Behavior |
|
Vault Security |
| Secret/Token activity from restricted location |
Abnormal Behavior |
 |
Vault Security |
| Vault dump |
Abnormal Behavior |
  |
Vault Security |
| NHI token used by multiple devices |
Abnormal Behavior |
   |
NHI |
| Failed Recon / Privilege Escalation attempt |
Abnormal Behavior |
 |
|
| ACL permissions over secret |
Principle of Least Privilege |
    |
|
| Excessive unused token permissions |
Principle of Least Privilege |
   |
|
| External accounts can read your secrets |
Principle of Least Privilege |
   |
|
| Cross-account NHI Privilege Escalation point |
Principle of Least Privilege |
 |
|
| Secret fetched by a new workload |
Monitoring |
 |
|
| Overused secret |
Monitoring |
   |
|
| Failed attempts to single/multiple secrets |
Monitoring |
|
|
| Former employees secret offboarding report |
Monitoring |
|
|
| Secret rotation |
Secret Hygiene |
      |
|
| Token rotation |
Secret Hygiene |
     |
|
| Stale secret |
Secret Hygiene |
      |
|
| Stale token |
Secret Hygiene |
   |
|
| Misplaced secrets |
Misconfiguration |
   |
|
| Former employee token is enabled |
Misconfiguration |
     |
|