List Risks
Retrieve information about potential security risks.
External Documentation
To learn more, visit the Entro documentation.
Basic Parameters
Parameter | Description |
---|---|
From Date | Filter risks from this date. |
Severity | Severity of the risk. |
Source | Source of the risk. |
Status | Status of the risk. |
Type | Type of the risk. |
Advanced Parameters
Parameter | Description |
---|---|
Secret Type | Type of the exposed secret. |
Secret Validity | Validity of the exposed secret. |
Example Output
{
"risks": [
{
"guid": "RSK-1273",
"severity": "MEDIUM",
"owner": "adam.cheriki@acme.com",
"detectionTime": "1688302174",
"type": "EXPOSURE",
"rule": "EXPOSED_GITHUB",
"status": "OPEN",
"summary": "A secret of type Certificate is exposed inside 1 commit of the file 'exposure.cert' in the private GitHub repository called 'acme/test'.",
"threatDescription": "Storing secrets in a GitHub repository poses a serious security risk because it's often shared with multiple team members, or in some cases, publicly, which increases the risk of the sensitive information being leaked or misused.",
"payload": {
"tokenStatus": "ENABLED",
"tokenType": "CERTIFICATE",
"tokenSnippet": "----- BEGIN CERT...",
"organization": "acme",
"repository": "test",
"visibility": "PUBLIC",
"filename": "exposure.cert",
"commitAuthor": "adam.cheriki",
"commitUrl": "https://github.com/acme/test/commit/34567d343755bd123f82051681e206da99b400bb",
"commitDate": "2022-12-01T16:12:42Z"
},
"account": {
"environmentType": "PRODUCTION",
"environment": "Acme",
"accountId": "infosecmachine",
"accountType": "GITHUB"
}
}
]
}
Workflow Library Example
List Risks with Entro and Send Results Via Email
Preview this Workflow on desktop