Which of the following tasks can be performed by a security team as a proactive measure to help address secret scanning alerts? (Each answer presents a complete solution. Choose two.)
A. Dismiss alerts that are older than 90 days.
B. Configure a webhook to monitor for secret scanning alert events.
C. Enable system for cross-domain identity management (SCIM) provisioning for the enterprise.
D. Document alternatives to storing secrets in the source code.
Webhooks can be configured to listen for secret scanning events. This allows automation, logging, or alerting in real time when secrets are detected.
Documenting secure development practices (like using environment variables or secret managers) helps reduce the likelihood of developers committing secrets in the first place.
Dismissal based on age is not a best practice without triage. SCIM deals with user provisioning, not scanning alerts.
[GitHub Docs – Managing and Responding to Secret Scanning Alerts]