nv-morpheus / Morpheus

Morpheus SDK
Apache License 2.0

[FEA]: Update SID with credential detection #1377

Open exactlyallan opened 9 months ago

exactlyallan commented 9 months ago

Is this a new feature, an improvement, or a change to existing functionality?

Improvement

How would you describe the priority of this feature request

Low (would be nice)

Please provide a clear description of problem this feature solves

Inspired by ArsTechnica Article on ease of publicly exposed credentials.

Describe your ideal solution

GIST: Build out some extra rules and filters around SID for credential detection, with emphasis for incorporating in CI processes.

Additional context

No response


yousecjoe commented 6 months ago

I am also interested in adding this as a feature for a cybersecurity use case. The source of the exposed credentials could be haveibeenpwned or a password manager that utilizes that same service. Subscribed.

aserGarcia commented 3 months ago

@exactlyallan, I am interested in working on this as an independent contributor. I wanted clarification on your thoughts.

As I see it, SID classifies on the PCAP data. In your feature, would you suggest training a classifier on code for credential detection? If so, how would that be different from a tool such as ggshield from GitGuardian that can already integrate into GitHub Actions?

exactlyallan commented 2 months ago

@aserGarcia Thanks for your interest - this is an old example use case that we use to showcase the larger Morpheus SDK. As such, it's not meant to be a product in itself. Feel free to experiment, but we may be pushing an updated example in the coming months as well.