Ctrlk
Book a demo

Defining Custom Secret and PII Patterns

Note: This capability is currently in Early Access (EA) and is not generally available. To request access, please contact OX technical support.

You can define custom patterns to detect proprietary secrets, internal credentials, or organization-specific PII formats that are not recognized by OX by default.

After a custom pattern is added, it becomes active in subsequent scans across supported OX scanning engines.

  1. Go to Settings > Scan settings > Secrets.

  2. Enable Custom Secret/PII Pattern Detection.

  1. In the Custom patterns section, select Add.

  1. In the Basics tab, configure the pattern settings.

Field
Description

Secret / PII

Defines whether the pattern detects secrets or PII

Name

Display name for the custom pattern

Severity

Severity assigned to matching findings

Pattern (regex)

Regex expression used for matching

Notes

Internal notes for the pattern

Custom Issue Description

Custom description displayed in related findings

  1. Optional: In the Validation tab, test the Regex pattern against example values before saving the rule.

Field
Description

Example Secret

Example value used to validate the Regex pattern

  1. Optional: In the Advanced tab, configure additional matching controls.

Field
Description

Entropy

Additional validation used to improve detection accuracy

Secret group

Group identifier used during matching

  1. Select Add.

The pattern becomes active in subsequent scans after it is saved.

Limits and permissions

Configuration
Value

Maximum custom patterns per organization

20

Default state

Disabled

Required permissions

Admin or Policy Manager

Last updated