BRK: Remove SEC101/109.AzureContainerRegistryLegacyKey as it is too anonymous for standalone secret detection.
FNS: Add UrlCredentials to WellKnownPatterns.UnclassifiedPotentialSecurityKeys.
FNS: Add Unclassified32CharacterString to WellKnownPatterns.UnclassifiedPotentialSecurityKeys. This rule locates some legacy AAD app passwords as well as legacy Azure container registry keys.
OK, so apparently, I previously left a number of rules out of well known patterns for a variety of underlying reasons. Some patterns had syntax errors. In another case, the ACR rule collided with some aad client app detections. The URL credentials rule contained a back-tracking pattern.
SEC101/061.LooseOAuth2BearerToken
detection.SEC101/109.AzureContainerRegistryLegacyKey
as it is too anonymous for standalone secret detection.UrlCredentials
toWellKnownPatterns.UnclassifiedPotentialSecurityKeys
.Unclassified32CharacterString
toWellKnownPatterns.UnclassifiedPotentialSecurityKeys
. This rule locates some legacy AAD app passwords as well as legacy Azure container registry keys.OK, so apparently, I previously left a number of rules out of well known patterns for a variety of underlying reasons. Some patterns had syntax errors. In another case, the ACR rule collided with some aad client app detections. The URL credentials rule contained a back-tracking pattern.
All now resolved.