Secret scanning enabled
👋 Hello!
Secret Scanning is a feature which is now enabled for all repositories in the Department of Veterans Affairs organization.
For more details about Secret Scanning, see About secret scanning.
You may notice that you receive alerts or notifications about potentially vulnerable secrets such as API tokens found in your code.
You can investigate and remediate these by navigating to the security tab on your repository page, and selecting “Detected Secrets” from the left side menu.
For more details on taking action on alerts, see Managing alerts from secret scanning.
Training opportunities
There are pre-recorded mini-lessons for Advanced Security available:
- Secret Scanning
Must be on the VA network - Code Scanning
Must be on the VA network
There is also a self-guided Learning Lab course available here.
We will also be providing a hackathon to get teams up and running with Advanced Security on November 3rd. Please go here for more information.
Still need help
Should you need support or have questions about this feature, please open an issue or contact the GitHub team at va-delivery@githhub.com.
These features are only available in GitHub.com and will roll out to GitHub Server (github.va.gov) at a later date.
Lean more about all the offerings from the GitHub Services Team available to the VA here.