Glossary

Findings

  • All issues that are identified by GuardRails engines are called findings. Only enabled rules qualify as a Vulnerability candidate.

Vulnerabilities

Each Vulnerability will go through our expert system to determine if it's a false positive or not. More information on how to report false positives can be found here.

False Positives

  • A false positive is when a security issue was wrongly identified. We aim for zero false positives in GuardRails results.

PR

  • A pull request (PR) is a term from GitHub. Read more about it here. A PR is also synonymous with a Merge Request (MR) in the GitLab lingo.

Secrets

  • A secret is any of the following: API keys, cryptographic keys (e.g private keys), or passwords.

Regex

  • A Regular Expression is a sequence of characters that define a search pattern.
FAQTools & Licenses