eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
kingfisher/crates/kingfisher-rules/data/rules/lacework.yml
Mick Grove 2444d83e5d more rules
2026-04-03 23:43:49 -07:00

50 lines
1.3 KiB
YAML
Raw Permalink Blame History

rules:
- name: Lacework API Key ID
id: kingfisher.lacework.1
pattern: |
(?xi)
\b
lacework[_-]?api[_-]?key
(?:.|[\n\r]){0,16}?
[=:"'\s]
['"]*
(
[A-Z0-9_]{24,60}
)
['"\s]
pattern_requirements:
min_digits: 4
min_uppercase: 8
min_entropy: 3.0
confidence: medium
visible: false
examples:
- "LACEWORK_API_KEY=\"DEVACCT_B2849286C1644991C28692DF7C5EA973BA0BB848B6DD303D\""
- "LACEWORK_API_KEY=PRODACCT_E1F2A3B4C5D6789012345ABCDEF012345678901234 "
references:
- https://docs.lacework.com/api/api-access-keys-and-tokens
- name: Lacework API Secret
id: kingfisher.lacework.2
pattern: |
(?xi)
\b
lacework[_-]?api[_-]?secret
(?:.|[\n\r]){0,16}?
[=:"'\s]
['"]*
(
_[a-z0-9]{31}
)
['"\s]
pattern_requirements:
min_digits: 4
min_entropy: 3.0
confidence: high
examples:
- "LACEWORK_API_SECRET=\"_c7df6ee56c7cf8603854a3b1b2b4a5b\""
- "LACEWORK_API_SECRET=_a4d3e2f1b7c8e5d294963a2b1b3b4c5 "
references:
- https://docs.lacework.com/api/api-access-keys-and-tokens
# No simple validation: Lacework API requires both the API key and secret
# to obtain an access token. Cannot validate with a single credential.
View git blame Copy permalink