Scanning secrets

Enable the secrets scanner for all applications, projects, and folders globally from the scan.ozsettings file.

The secrets scanner can be enabled for all applications, projects, and folders by editing the enable_secrets_scanner setting to true in the <data_dir>/config/scan.ozsettings file.

The default value of enable_secrets_scanner is false.

For example, in the scan.ozsettings, find the setting as show below, and change value="false" to value="true".

<Setting
        name="enable_secrets_scanner"
        read_only="false"
        default_value="false"
        description="Enable the secrets scanner for all applications projects  and folders. When set to true, the secrets scanner is automatically activated for every scan.
                     When set to false, secrets scanning must be enabled on a per-application or per-project basis."
        type="bool"
        value="false"
        display_name="Enable Secrets Scanner"
        hidden="true"
/>

When secrets scanning is enabled in scan.ozsettings, AppScan® Source displays the message, Secrets scanning is enabled globally via the scan.ozsettings file, in console logs.