Detecting secrets in attachments

Hey there!

We run a support community where users often upload log files. We encourage open support discussions whenever possible and only exceptionally raise private messages to collect logs (when we think there's a lot of value in having the unredacted logs or it's a novel situation we'd like to debug as soon as possible).

We've encountered a recurring issue: users inadvertently exposing "secrets" (tokens) in their attachments.

This puts us in a tricky position. We have to inform users about compromised tokens and educate them on safe sharing practices while trying to maintain a balance between open support and confidentiality (not blurring the lines between our confidential professional support and community support).

We'd love to see a feature that scans attachments for secrets, similar to the existing AV scanning functionality (which we use). Ideally, this feature would warn users when secrets are detected in their uploads and possibly alert administrators about potential exposures.

WDYT?


