From badb450a987e10c665ec345bb353bfaff0e8cbae Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Wed, 30 Oct 2024 14:49:16 +0000
Subject: [PATCH] Improve intro of secret detection patterns

---
 .../secret_detection/pipeline/index.md        | 28 +++++++++----------
 .../secret_push_protection/index.md           | 10 +++----
 2 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/doc/user/application_security/secret_detection/pipeline/index.md b/doc/user/application_security/secret_detection/pipeline/index.md
index 7e31b137b48ce..def7008d05763 100644
--- a/doc/user/application_security/secret_detection/pipeline/index.md
+++ b/doc/user/application_security/secret_detection/pipeline/index.md
@@ -33,20 +33,20 @@ With GitLab Ultimate, pipeline secret detection results are also processed so yo
 
 ## Detected secrets
 
-GitLab maintains the detection rules used in pipeline secret detection. The default ruleset contains
-more than 100 patterns.
-
-Most pipeline secret detection patterns search for specific types of secrets.
-Many services add prefixes or other structural details to their secrets so they can be identified if they're leaked.
-For example, GitLab [adds a `glpat-` prefix](../../../../administration/settings/account_and_limit_settings.md#personal-access-token-prefix) to project, group, and personal access tokens by default.
-
-To provide more reliable, high-confidence results, pipeline secret detection only looks for passwords or other unstructured secrets in specific contexts like URLs.
-
-A detected secret remains in the vulnerability report as "Still
-detected" even after the secret is removed from the scanned file. This
-is because the secret remains in the Git repository's history. To
-address a detected secret, remediate the leak, then triage the
-vulnerability.
+Pipeline secret detection scans the repository's content for specific patterns. Each pattern matches
+a specific type of secret and is specified in a rule by using a TOML syntax. The default set of
+rules is maintained by GitLab. In the Ultimate tier, you can customize the default ruleset to suit
+your needs. For details, see [Customize analyzer rulesets](#customize-analyzer-rulesets). To confirm
+which secrets are detected by pipeline secret detection, see
+[Detected secrets](../detected_secrets.md). To provide reliable, high-confidence results, pipeline
+secret detection only looks for passwords or other unstructured secrets in specific contexts like
+URLs.
+
+When a secret is detected a vulnerability is created for it. The vulnerability remains as "Still
+detected" even if the secret is removed from the scanned file and pipeline secret detection has been
+run again. This is because the secret remains in the Git repository's history. To understand how to
+remove a secret from the Git repository's history, see the tutorial
+[Remove a secret from your commits](../remove_secrets_tutorial.md).
 
 ## Coverage
 
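Review bot: The rewritten second paragraph under "Detected secrets" in pipeline/index.md drops the removed guidance "To address a detected secret, remediate the leak, then triage the vulnerability" and replaces it only with a link to the history-removal tutorial. A reader could take away that rewriting Git history is the whole response to a "Still detected" finding. Suggest keeping a sentence that tells the reader to remediate the leak and triage the vulnerability, and placing the tutorial link after it. Two smaller points in the same hunk: "When a secret is detected a vulnerability is created for it" needs a comma after "detected", and the first paragraph no longer carries the `glpat-` prefix example or the "more than 100 patterns" figure, so please confirm both are covered on the linked `../detected_secrets.md` page before removing them here.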
diff --git a/doc/user/application_security/secret_detection/secret_push_protection/index.md b/doc/user/application_security/secret_detection/secret_push_protection/index.md
index fd50da5ee3a69..b10e9a3b24e0e 100644
--- a/doc/user/application_security/secret_detection/secret_push_protection/index.md
+++ b/doc/user/application_security/secret_detection/secret_push_protection/index.md
@@ -54,11 +54,11 @@ If secret push protection does not detect any secrets in your commits, no messag
 
 ## Detected secrets
 
-GitLab maintains a [set of rules](../detected_secrets.md) that are used for blocking secrets from being pushed to GitLab.
-
-Scanning against low-confidence patterns can potentially lead to a timeout or the push check failing. Therefore, we chose to include only high-confidence patterns to ensure a performant experience when pushing your code, and to reduce the number of false alerts.
-
-It is currently not possible to use custom rulesets with secret push protection.
+Secret push protection scans commits for specific patterns. Each pattern matches a specific type of
+secret. To confirm which secrets are detected by secret push protection, see
+[Detected secrets](../detected_secrets.md). Only high-confidence patterns were chosen for secret
+push protection, to minimize delay when pushing your code and minimize the number of false alerts.
+You cannot customize the ruleset used by secret push protection.
 
 ## Enable secret push protection
 
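Review bot: The new "Detected secrets" paragraph in secret_push_protection/index.md reduces the removed rationale "Scanning against low-confidence patterns can potentially lead to a timeout or the push check failing" to "to minimize delay when pushing your code". That hides the failure mode: a timeout or a failed push check is a different outcome from a slow push, and users diagnosing a failed check lose the explanation. Suggest keeping the timeout and failed-check wording in the rationale. As a style point, "Only high-confidence patterns were chosen ... to minimize delay ... and minimize the number of false alerts" is passive and repeats "minimize"; something like "Secret push protection uses only high-confidence patterns, to avoid push timeouts and reduce false alerts" reads more directly. Also note that "You cannot customize the ruleset" drops the "currently" from the removed sentence; confirm that the stronger statement is intended.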
-- 
GitLab