secrets - Demisto SDK Guide - Cortex - Security Operations

Demisto SDK Guide

Creation date
Last date published
Demisto SDK Guide

The secrets command finds sensitive data in your files before you upload your code to a public repository.

Run the secrets validator to catch sensitive data before exposing your code to a public repository.

Find secrets such as emails and IP addresses in your files. Cortex XSOAR/XSIAM content is open source and content code can be found on a public repository on GitHub. You have the responsibility to identify and eliminate any secrets before they get to our repository or pull requests.

You can attach the full path to manually allow an allow list.


This command is not guaranteed to find all secrets. A manual review of all files is highly recommended.