Sec1
ProductsBook A DemoContact Us
  • Sec1 Documentation
  • Quick Start
    • Login to Sec1
    • Your First Scan
    • View Results
  • Integration with Sec1
    • Registration & Login
      • Login with GITHub
      • New Registration
      • Forgot Password
      • Team Administration
    • Scan
    • Dashboard
    • Auto Fix
    • Integration with Sec1 CLI
      • Sec1 CLI (Command Line Interface) Overview
        • Config
        • Scan
        • Search
    • Integration with CI/CD
      • Jenkins Integration
      • Github Actions
      • Azure DevOps Extension for Sec1 Security
      • Azure DevOps Extension for Sec1 Container Image Scanner
      • GCP Code Build
      • Gitlab CI/CD Component
      • Integration with CircleCI Using the Sec1 Orb
      • Teamcity Plugin
    • How to Get Your API Key
  • External Integrations
    • GITHub Integration
    • Azure SCM Integration
    • Notifications
    • Generate Sec1 API Token
  • Static Application Security Testing
    • SAST Java Rules
      • GIT Leaks
      • Leakage of Information in Logger Message
      • Leakage of sensitive data in cookie
      • Leakage of sensitive data in exception message
      • Leakage of sensitive data to Airbrake
      • Leakage of sensitive data to Algolia
      • Leakage of Sensitive Data to Bugsnag
      • Leakage of Sensitive Data to ClickHouse
      • Leakage of Sensitive Data to Datadog
      • Leakage of Sensitive Data to ElasticSearch
      • Leakage of Sensitive Data to New Relic
      • Leakage of Sensitive Data to OpenTelemetry
      • Leakage of Sensitive Data to RollBar
      • Leakage of Sensitive Data to Sentry
      • Leakage of Sensitive Information in Exception Messages
      • Leakage of sensitive information in logger message
      • Missing authentication for database
      • Missing database password detected
      • Missing HTTP Only Option in Cookie Configuration
      • Missing Optimal Asymmetric Encryption Padding (OAEP)
      • Missing or Permissive SSL Hostname Verifier
      • Missing Protection against Session Fixation Attacks
      • Missing Secure option in cookie configuration
      • Missing signature verification of JWT
      • Missing SSL host check in SMTP
      • Missing Support for Integrity Check
      • Missing TLS validation
      • Observable Timing Discrepancy
      • Permissive Access-Control-Allow-Origin configuration
      • Permissive context mode for resources
      • Permissive cookie configuration
      • Permissive HTTP Only option in cookie configuration
      • Permissive Screenshot option set
      • Possible CLRF injection detected
      • Possible expression language (EL) injection detected
      • Possible HTTP Parameter Pollution detected
      • Unsanitized external input in SQL query
      • Unsanitized use of FileUpload filename
      • Unsanitized user input in 'eval' type function
      • Unsanitized user input in Access-Control-Allow-Origin
      • Unsanitized user input in AWS query
      • Unsanitized user input in code generation
      • Unsanitized user input in deserialization method
      • Unsanitized User Input in File Path Traversal
      • Unsanitized User Input in File Path
      • Unsanitized user input in format string detected
      • Unsanitized user input in HTTP request (SSRF)
      • Unsanitized user input in HTTP response (XSS)
      • Unsanitized user input in LDAP request
      • Unsanitized user input in logger message
      • Unsanitized User Input in OS Command
      • Unsanitized User Input in Output Stream (XSS)
      • Unsanitized User input in Redirect
      • Unsanitized User Input in Regular Expression
      • Unsanitized user input in SQL catalog configuration
      • Unsanitized user input in XML External Entity
      • Unsanitized User Input in XPath
      • Usage of bad hex conversion on digest array
      • Usage of CBC (Cipher Block Chaining) Mode with Padding
      • Usage of custom Digest class
      • Usage of dangerous permissions
      • Usage of ECB Cipher Mode
      • Usage of External Input in Code Reflection
      • Usage of hard-coded database password
      • Usage of hard-coded secret
      • Usage of insufficient random value
      • Usage of naive Socket class to create SSL Socket
      • Usage of permissive file permission ('other')
      • Usage of small key size with Blowfish encryption
      • Usage of Trusted and Untrusted Data inside the same Data Structure
      • Usage of vulnerable Apache Commons Collections InvokeTransformer class
      • Usage of weak encryption algorithm (DES)
      • Usage of Weak Hashing Library on a Password (SHA-1)
      • Usage of Weak Hashing library (MD5)
    • SAST JavaScript Rules
      • Leakage of hard-coded secret in JWT
      • Leakage of information in logger message
      • Leakage of sensitive data in dynamic file generation
      • Leakage of sensitive data in exception message
      • Leakage of sensitive data in JWT
      • Leakage of sensitive data in local storage
      • Leakage of sensitive data to Airbrake
      • Leakage of sensitive data to Algolia
      • Leakage of sensitive data to Bugsnag
      • Leakage of sensitive data to Datadog RUM
      • Leakage of sensitive data to Datadog
      • Leakage of sensitive data to ElasticSearch
      • Leakage of sensitive data to Google Analytics (React)
      • Leakage of sensitive data to Google Analytics
      • Leakage of sensitive data to Google Tag Manager
      • Leakage of sensitive data to HoneyBadger
      • Leakage of sensitive data to New Relic
      • Leakage of sensitive data to OpenTelemetry
      • Leakage of sensitive data to OpenAI
      • Leakage of sensitive data to RollBar
      • Leakage of sensitive data to Segment
      • Leakage of sensitive data to Sentry
      • Leakage of sensitive information in logger message
      • Missing Access Restriction on Directory Listing
      • Missing escape of HTML entities in Handlebars template compilation
      • Missing Helmet configuration on HTTP headers
      • Leakage of Sensitive Information in Exception Messages
      • Missing origin check in message handler
      • Missing Revoke Method on JWT
      • Missing Secure HTTP server Configuration
      • Missing Secure option in Cookie Configuration
      • Missing Server Configuration to reduce Server Fingerprinting
      • Missing TLS validation
      • Observable Timing Discrepancy
      • Permissive file assignment
      • Permissive origin in postMessage
      • Unsanitized dynamic input in file path traversal
      • Unsanitized dynamic input in file path
      • Unsanitized Dynamic input in OS Command
      • Unsanitized dynamic input in regular expression
      • Unsanitized input in NoSQL query
      • Unsanitized user input in 'eval' type function
      • Unsanitized user input in React inner HTML method (XSS)
      • Unsanitized user input in Access-Control-Allow-Origin
      • Unsanitized user input in deserialization method
      • Unsanitized user input in deserialization method
      • Unsanitized user input in dynamic HTML insertion (XSS)
      • Unsanitized user input in DynamoDB query
      • Unsanitized User Input in File Path Traversal
      • Unsanitized user input in format string
      • Unsanitized user input in HTTP request (SSRF)
      • Unsanitized user input in HTTP request (SSRF)
      • Unsanitized user input in HTTP response (XSS)
      • Unsanitized User input in HTTP Send file request
      • Unsanitized User input in OS command
      • Unsanitized user input in raw HTML strings (XSS)
      • Unsanitized User input in Redirect HAPI
      • Unsanitized user input in redirect
      • Unsanitized User input in Redirect
      • Unsanitized user input in regular expression
      • Unsanitized User Input in Resource Rendering
      • Unsanitized input in SQL query
      • Unsanitized User Input in UI
      • Unsanitized user input in XML parsing method
      • Usage of default Cookie Configuration
      • Usage of Default Session Cookie Configuration
      • Usage of externally controlled input to select code
      • Usage of hard-coded Passport Secret
      • Usage of hard-coded secret
      • Usage of Hard-Coded Secret
      • Usage of insecure HTTP connection
      • Usage of insecure websocket connection
      • Usage of insufficient random value
      • Usage of manual HTML sanitization (XSS)
      • Usage of Session on Static Asset (CSRF)
      • Usage of vulnerable DOMPurify package
      • Usage of vulnerable marked package
      • Usage of weak encryption algorithm (DES)
      • Usage of weak encryption algorithm on a password (DES)
      • Usage of weak encryption algorithm on a password (RC4)
      • Usage of weak encryption algorithm (RC4)
      • Usage of weak hashing library (MD5)
      • Usage of weak hashing library on a password (Argon2)
      • Usage of weak hashing library on a password (MD5)
      • Usage of weak hashing library on a password (SHA-1)
      • Usage of weak hashing library (SHA-1)
  • SBOM Scanner
    • Config
    • Scan
  • CISO Console
  • Pricing & Billing
  • CVE API
Powered by GitBook
On this page
  • Login with GitHub
  • New Registration
  • Forgot Password
  • Team Administration
  1. Integration with Sec1

Registration & Login

PreviousIntegration with Sec1NextLogin with GITHub

Last updated 9 months ago

Sec1 offers flexible options for user authentication, allowing users to access the platform via GitHub login or through new user registration. Explore the following sections for detailed documentation on setting up and managing user access to the Sec1 Platform seamlessly.

Login with GitHub

Authenticate users seamlessly using their GitHub credentials to access the Sec1 Platform:

New Registration

Guide users through the process of registering as new users to gain access to the Sec1 Platform:

Forgot Password

Provide users with a streamlined process for resetting their passwords if forgotten:

Team Administration

Manage user access and permissions efficiently by administering teams within the Sec1 Platform:

Login with GITHub
New Registration
Forgot Password
Team Administration