Secret Detection Adoption Metrics
Current State
Secret Detection adoption is currently measured by resolved vulnerabilities (state="Resolved", type="secret_detection"). This approach has limitations since not all repositories contain secrets, and resolution isn't the only indicator of meaningful adoption.
Proposal
Adoption Metrics
- Feature Enablement: % of customers who have enabled one or more secret detection features
- Project Coverage: % of customers with secret detection enabled on
Engagement Metrics
Track feature usage to understand overall feature engagement:
| Feature | Engagement Indicator |
|---|---|
| Pipeline secret detection | Secrets resolved or dismissed |
| Secret push protection (private projects, Ultimate) | Secrets blocked or skipped |
| Validity checks | Individual tokens re-checked |
What is adoption?
A customer (namespace) has adopted GitLab secret detection if any of the following are true:
- A secret has been blocked by secret push protection.
- A secret has been marked as dismissed or resolved.
- A token has been re-checked for validity.
Goal
100% of GitLab Ultimate organizations adopt secret detection within 1 year of purchase.
Edited by Alana Bellucci