# Issue Details: Sensitive Data

## Sensitive Data

The Sensitive Data tab lists the individual secrets and credentials detected within the affected resource, with their location, type, and current validity status.

<figure><img src="/files/q27SRsjAqylnRD7MdOa5" alt="" width="563"><figcaption></figcaption></figure>

Use this tab to review every detected secret, confirm which ones are still active, and identify exactly where each secret lives so it can be revoked and removed.

The Aggregations counter at the top shows the total number of detected secrets in the resource. Each row represents a single match.

| Column      | What it shows                                                                                                                                                       | How to use                                                                                                                                                       |
| ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Status      | The live validation status of the secret: Active (still valid and usable), Inactive (no longer valid), or n/a (validity could not be verified).                     | Treat Active secrets as the highest priority — they can be used by an attacker right now and must be rotated immediately.                                        |
| Source      | The resource where the secret was detected, such as the S3 bucket or repository name.                                                                               | Use this to identify the affected asset and route remediation to the team that owns it.                                                                          |
| Location    | The file path within the source where the secret was found (for example, config/settings.json or secrets/.env).                                                     | Use this to locate the exact file that needs to be cleaned up or removed.                                                                                        |
| Match       | The detected secret value, partially masked.                                                                                                                        | Use this to confirm the finding and to recognize the secret when searching downstream copies, backups, or logs.                                                  |
| Line Number | The line within the file where the secret appears.                                                                                                                  | Use this to jump directly to the offending line for removal or replacement with a reference to a managed secret store.                                           |
| Secret Type | The classification of the secret, such as aws-access-key, aws-secret-key, postgresql-connection-string, github-fine-grained-pat, or base64-github-fine-grained-pat. | Use this to determine the correct revocation path — each secret type has its own rotation procedure in the issuing system (AWS IAM, GitHub, the database, etc.). |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ox.security/scan-and-analyze-with-ox/analyzing-scan-results/active-issues-new/issue-details-sensitive-data.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.