Whenever a GitGuardian honeytoken is triggered,Â
we provide you with the IP address, user agent, and what action the user was attempting, asÂ
well as accurate timestamps for all events. When investigating those events,Â
wouldn't it be great to tag known IPs, such as those coming fromÂ
within your organization? Well, good news!
Now, anyone managing your GitGuardian workspace can set up IP taggingÂ
rules for honeytoken events by opening the settings menu and clicking on Honeytoken.
From here they can manage the labels for your Honeytokens
and now, they can create and manage rules for IP tags. As you will see, we already added labelsÂ
for GitGuardian Public Monitoring IP and AWS Internal IP scanning, the most commonÂ
triggers of Honeytokens that are pushed publicly. To create your own, just click Create Rule
Give your tag a meaningful name And then define your IP range of known addresses Now when someone inside your network triggersÂ
a honeytoken, through testing or for any other reason, you will be able to easily identify it asÂ
a probable false alarm and not a true code leak, or if it is from a completely unknown, new addressÂ
that merits further investigation and action. IP tagging is just one more wayÂ
we are making it easy to manage Honeytokens at scale so you can keepÂ
your organization safe and secure.