Whenever a GitGuardian honeytoken is triggered,Ā
we provide you with the IP address, user agent, and what action the user was attempting, asĀ
well as accurate timestamps for all events. When investigating those events,Ā
wouldn't it be great to tag known IPs, such as those coming fromĀ
within your organization? Well, good news!
Now, anyone managing your GitGuardian workspace can set up IP taggingĀ
rules for honeytoken events by opening the settings menu and clicking on Honeytoken.
From here they can manage the labels for your Honeytokens
and now, they can create and manage rules for IP tags. As you will see, we already added labelsĀ
for GitGuardian Public Monitoring IP and AWS Internal IP scanning, the most commonĀ
triggers of Honeytokens that are pushed publicly. To create your own, just click Create Rule
Give your tag a meaningful name And then define your IP range of known addresses Now when someone inside your network triggersĀ
a honeytoken, through testing or for any other reason, you will be able to easily identify it asĀ
a probable false alarm and not a true code leak, or if it is from a completely unknown, new addressĀ
that merits further investigation and action. IP tagging is just one more wayĀ
we are making it easy to manage Honeytokens at scale so you can keepĀ
your organization safe and secure.