Prerequisites
To scan your code for generic secrets, you must have the following:- Access to Semgrep Secrets.
- Semgrep Multimodal enabled.
- Semgrep CLI version
1.86.0or higher running in your CI environment.
semgrep ci command, because Semgrep Multimodal requires code access.
Enable generic secrets
1
Sign in to Semgrep AppSec Platform.
2
Go to Settings > General > Secrets.
3
Click the Generic secrets toggle to turn on generic secrets.
View findings
1
Sign in to Semgrep AppSec Platform.
2
Go to Secrets to see a list of all findings identified by Semgrep Secrets.
3
Expand the Additional filters menu, then select type > Generic Secrets to filter for generic secrets findings.
Disable generic secrets
1
Sign in to Semgrep AppSec Platform.
2
Go to Settings > Deployment and navigate to the Secrets section.
3
Click the Generic secrets toggle to turn off generic secrets.