An administrator who wants the scanner to ignore specific secret types, secret values, or paths can do so by creating an ignore.yaml file. Place the ignore.yaml file in a .blubracket folder in the root directory of the repository.
When a finding matches an entry in the ignore file, no alert is created, but an event is still generated.
For example, below is a repository called Test1 that has a .blubracket folder containing the ignore.yaml file.
A sample .blubracket/ignore.yaml is provided below:
Content credit: BluBracket article.
Manage False Positive lets you define a few parameters and assign values to them; findings that match those values are treated as false positives when code is scanned for secrets. When you define a parameter as a false positive, you can easily detect these
The PCC Security tool allows you to add a false positive parameter, which allows the
To add a false positive pattern, perform the following steps:
1. Log in to PCC.
2. Search for the required project. The Project dashboard appears. Click Security from the LFX Tools STATUS tab.
You can also navigate to Security from the vertical sidebar navigation menu: click LFX Tools and then select Security.
3. The Security page appears. From the Manage False Positive tab, click Proceed.
4. The Manage False Positive page appears with the list of defined false positive parameters. Click Add False Positive Pattern to add a new false positive parameter.
5. The Add False Positive Pattern dialog box appears. There are three parameters available for you to select and define. After defining the parameter, click Add to add it as a false positive. The three parameters are:
Path - Define the path you want to flag as a false positive.
Secret Type - Select the required secret type from the drop-down list. Secret types such as password assignment, JWT token, AWS key, and many others are available for you to select.
Secret Value - Use a regular expression to define the value for Secret Value.
A regular expression (regex or regexp) is a sequence of characters that specifies a search pattern. Such patterns are usually used by string-searching algorithms for "find" or "find and replace" operations on strings, or for input validation. For more information, refer to Regular Expressions.
You can delete an existing false positive parameter by clicking the delete icon.
You can update an existing false positive parameter by clicking the edit icon.
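As an added example (not PCC's or BluBracket's own code), the Python below models how false positive parameters of the three kinds above, path, secret type and secret value, could be applied to scanner findings: a finding that matches a rule still produces an event but no alert, and a small guard flags rules broad enough to silence every finding. The rule and finding shapes, the AND combination of a rule's defined parameters, glob matching for paths, and full-string regex matching for values are assumptions of this model, and the findings are constructed samples rather than real credentials.

```python
import re
from fnmatch import fnmatch

# Hypothetical rule set. Each rule mirrors the three parameters of the
# Manage False Positive page; None means "not defined". This shape is an
# assumption of the model, not PCC's or BluBracket's own data format.
FALSE_POSITIVE_RULES = [
    # Everything under a test fixtures directory is a false positive.
    {"path": "tests/fixtures/*", "secret_type": None, "secret_value": None},
    # The documented AWS example access key ID is not a live credential.
    {"path": None, "secret_type": "AWS key", "secret_value": r"AKIAIOSFODNN7EXAMPLE"},
    # Placeholder passwords, but only inside config templates.
    {"path": "*.template", "secret_type": "password assignment",
     "secret_value": r"(?i)<?(change|replace)[-_ ]?me>?"},
]

# Constructed scanner findings (sample data, not real secrets).
FINDINGS = [
    {"path": "tests/fixtures/jwt.txt", "secret_type": "JWT token",
     "secret_value": "eyJhbGciOiJIUzI1NiJ9.e30.c2ln"},
    {"path": "docs/s3.md", "secret_type": "AWS key",
     "secret_value": "AKIAIOSFODNN7EXAMPLE"},
    {"path": "src/config.py", "secret_type": "AWS key",
     "secret_value": "AKIAXXXXXXXXXXXXXXXX"},  # constructed placeholder
    {"path": "config/app.yml.template", "secret_type": "password assignment",
     "secret_value": "CHANGE_ME"},
    {"path": "config/app.yml", "secret_type": "password assignment",
     "secret_value": "CHANGE_ME"},
]


def matches(rule, finding):
    """A rule matches when every parameter it defines matches the finding.
    Paths use shell-style globs; values must match the regex in full, so an
    unanchored fragment cannot accidentally cover a longer real secret."""
    if rule["path"] is not None and not fnmatch(finding["path"], rule["path"]):
        return False
    if rule["secret_type"] is not None and rule["secret_type"] != finding["secret_type"]:
        return False
    if rule["secret_value"] is not None and \
            re.fullmatch(rule["secret_value"], finding["secret_value"]) is None:
        return False
    return True


def triage(findings, rules):
    """One event per finding; alert is False when an ignore rule matched."""
    events = []
    for finding in findings:
        hit = next((r for r in rules if matches(r, finding)), None)
        events.append({**finding, "alert": hit is None, "matched_rule": hit})
    return events


def alert_paths(findings=FINDINGS, rules=FALSE_POSITIVE_RULES):
    """Paths of findings that would still raise an alert."""
    return [e["path"] for e in triage(findings, rules) if e["alert"]]


def rule_is_overbroad(rule):
    """Heuristic guard: a rule that constrains nothing, or whose only
    constraint is a value pattern that also accepts the empty string (such as
    '.*'), would suppress every finding in the repository."""
    defined = [k for k in ("path", "secret_type", "secret_value") if rule[k] is not None]
    if not defined:
        return True
    if defined == ["secret_value"] and re.fullmatch(rule["secret_value"], "") is not None:
        return True
    return False


if __name__ == "__main__":
    for event in triage(FINDINGS, FALSE_POSITIVE_RULES):
        status = "ALERT" if event["alert"] else "event only"
        print(f"{status:10} {event['path']} ({event['secret_type']})")
```

Only the AWS placeholder in src/config.py and the CHANGE_ME value in the non-template config raise alerts; the other three findings are recorded as events with the matching rule attached. Running rule_is_overbroad on a candidate before saving it catches the common mistake of a value pattern such as .* with no path or type.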
A regular expression (regex or regexp) is a sequence of characters that specifies a search pattern. Such patterns are usually used by string-searching algorithms for "find" or "find and replace" operations on strings, or for input validation.
The tables below show how to use the different regular expression constructs:
Basic matching

Character     Explanation
.             Any character except newline
a             The character a
ab            The string ab
a|b           a or b
a*            0 or more a's
\             Escapes a special character
Quantifiers

Character     Explanation
*             0 or more
+             1 or more
?             0 or 1
{2}           Exactly 2
{2,5}         Between 2 and 5
{2,}          2 or more
Groups

Character     Explanation
(...)         Capturing group
(?P<Y>...)    Capturing group named Y
(?:...)       Non-capturing group
(?>...)       Atomic group
(?|...)       Duplicate group numbers
\Y            Match the Y'th captured group
(?P=Y)        Match the named group Y
(?R)          Recurse into entire pattern
(?Y)          Recurse into numbered group Y
(?&Y)         Recurse into named group Y
\g{Y}         Match the named or numbered group Y
\g<Y>         Recurse into named or numbered group Y
(?#...)       Comment
Character classes

Character     Explanation
[ab-d]        One character of: a, b, c, d
[^ab-d]       One character except: a, b, c, d
[\b]          Backspace character
\d            One digit
\D            One non-digit
\s            One whitespace character
\S            One non-whitespace character
\w            One word character
\W            One non-word character
Anchors and assertions

Character     Explanation
^             Start of string
\A            Start of string, ignores m flag
$             End of string
\Z            End of string, ignores m flag
\b            Word boundary
\B            Non-word boundary
\G            Start of match
(?=...)       Positive lookahead
(?!...)       Negative lookahead
(?<=...)      Positive lookbehind
(?<!...)      Negative lookbehind
(?()|)        Conditional
Flags

Character     Explanation
i             Ignore case
m             ^ and $ match start and end of line
s             . matches newline as well
x             Allow spaces and comments
J             Duplicate group names allowed
U             Ungreedy quantifiers
(?iLmsux)     Set flags within regex
Special characters

Character     Explanation
\n            Newline
\r            Carriage return
\t            Tab
\0            Null character
\YYY          Octal character YYY
\xYY          Hexadecimal character YY
\x{YY}        Hexadecimal character YY
\cY           Control character Y
POSIX character classes

Character     Explanation
[:alnum:]     Letters and digits
[:alpha:]     Letters
[:ascii:]     ASCII codes 0 - 127
[:blank:]     Space or tab only
[:cntrl:]     Control characters
[:digit:]     Decimal digits
[:graph:]     Visible characters, except space
[:lower:]     Lowercase letters
[:print:]     Visible characters
[:punct:]     Visible punctuation characters
[:space:]     Whitespace
[:upper:]     Uppercase letters
[:word:]      Word characters
[:xdigit:]    Hexadecimal digits
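The tables above use PCRE-style syntax. As an added example that is not part of the original page, the Python below exercises several of those constructs on constructed sample lines: the (?i) inline flag, \b word boundaries, a named capturing group, a positive lookbehind with bounded quantifiers, and the difference between ^/$ under the m flag and \A/\Z, which ignore it. It also shows a compile-time check that rejects syntax Python's re engine does not accept, such as (?R) recursion. Which of the tabulated constructs the PCC scanner's own engine supports is not stated on the page, so a pattern should be tested against the engine that will actually run it before it is saved as a false positive.

```python
import re

# Constructed sample lines; none of these values are real credentials.
SAMPLE_LINES = [
    "password = hunter2",
    "PASSWORD=\"correct-horse-battery-staple\"",
    "db_password_hint = 'first pet'",          # \b rejects the embedded word
    "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.e30.c2ln",
]

# (?i) inline flag, \b word boundary, \s* quantifier and a named capturing
# group (?P<value>...): capture the right-hand side of a password assignment.
PASSWORD_ASSIGNMENT = re.compile(r"(?i)\bpassword\s*=\s*['\"]?(?P<value>[^\s'\"]+)")

# (?<=...) positive lookbehind plus {n,} quantifiers: a JWT-shaped token
# (three base64url segments separated by dots) that follows "Bearer ".
BEARER_JWT = re.compile(r"(?<=Bearer )[\w-]{8,}\.[\w-]{2,}\.[\w-]{2,}")

# Constructed two-line config used for the anchor comparison below.
MULTILINE_CONFIG = "api_key = abc123\napi_key = def456\n"


def password_values(lines):
    """Captured password value of every line that is a password assignment."""
    return [m.group("value") for m in map(PASSWORD_ASSIGNMENT.search, lines) if m]


def bearer_tokens(lines):
    """JWT-shaped bearer tokens found in the lines."""
    return [m.group(0) for m in map(BEARER_JWT.search, lines) if m]


def keys_per_line(text):
    """With the m flag, ^ and $ match at the start and end of every line."""
    return re.findall(r"^api_key = (\w+)$", text, re.M)


def keys_whole_string(text):
    """\\A and \\Z ignore the m flag: only the whole string's ends qualify,
    so a multi-line input yields nothing here."""
    return re.findall(r"\Aapi_key = (\w+)\Z", text, re.M)


def supported_by_python_re(pattern):
    """True if Python's re engine compiles the pattern. PCRE-only syntax from
    the tables, for example (?R) recursion, raises re.error instead, which is
    the signal to reject the pattern before it is stored."""
    try:
        re.compile(pattern)
        return True
    except re.error:
        return False


if __name__ == "__main__":
    print("password values:", password_values(SAMPLE_LINES))
    print("bearer tokens:  ", bearer_tokens(SAMPLE_LINES))
    print("m flag anchors: ", keys_per_line(MULTILINE_CONFIG))
    print("\\A \\Z anchors:  ", keys_whole_string(MULTILINE_CONFIG))
    for candidate in (r"(?P<q>['\"])secret(?P=q)", r"\((?R)?\)"):
        print(f"{candidate!r} supported: {supported_by_python_re(candidate)}")
```

The \b in PASSWORD_ASSIGNMENT is what keeps db_password_hint from matching, since the underscore before "password" is a word character and so no boundary exists there; the same line would match an unanchored "password" pattern, which is the usual source of noisy secret-value rules.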