🔥 3-day streak
GitHub Enterprise Administrator (GH-100)67 / 79
Question 67 of 79
A security engineer at a financial services company wants to detect a proprietary internal API key format (e.g., FINX-<32 hex chars>) across all repositories in their GitHub Enterprise Cloud organization. They have written a custom secret scanning pattern but are concerned that a poorly written regular expression could generate thousands of false positives that overwhelm the security team. What should they do before publishing the pattern to all repositories?
Reviewed for accuracy · Report an issueNext question