
Add NewRelic insert key detection (#1417)

danielap-ma 1 anno fa
parent
commit
fe94ef9ca3

+ 1 - 0
cmd/generate/config/main.go

@@ -133,6 +133,7 @@ func main() {
 		rules.NewRelicUserID(),
 		rules.NewRelicUserKey(),
 		rules.NewRelicBrowserAPIKey(),
+		rules.NewRelicInsertKey(),
 		rules.NPM(),
 		rules.NytimesAccessToken(),
 		rules.OktaAccessToken(),

+ 23 - 0
cmd/generate/config/rules/newrelic.go

@@ -75,3 +75,26 @@ func NewRelicBrowserAPIKey() *config.Rule {
 	}
 	return validate(r, tps, nil)
 }
+
+func NewRelicInsertKey() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "new-relic-insert-key",
+		Description: "Discovered a New Relic insight insert key, compromising data injection into the platform.",
+		Regex: generateSemiGenericRegex([]string{
+			"new-relic",
+			"newrelic",
+			"new_relic",
+		}, `NRII-[a-z0-9-]{32}`, true),
+
+		Keywords: []string{
+			"NRII-",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("new-relic", "NRII-"+secrets.NewSecret(hex("32"))),
+	}
+	return validate(r, tps, nil)
+}
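Review bot: The single true-positive in `NewRelicInsertKey` is built with `hex("32")`, so it only exercises `[0-9a-f]` out of the declared `[a-z0-9-]{32}` class, and `validate(r, tps, nil)` passes no false-positive cases at all. A second sample such as `generateSampleSecret("new-relic", "NRII-"+secrets.NewSecret(alphaNumeric("32"))),` would cover the wider class, and a short false-positive list (for example a 31-character body) would pin the length bound. Because the pattern goes through `generateSemiGenericRegex`, the generated regex in config/gitleaks.toml only fires when `new-relic`, `newrelic` or `new_relic` precedes the assignment, so an `NRII-` key stored under an unrelated variable name will not be reported; it is worth confirming that this trade-off is intended given how distinctive the prefix is. The exported function also has no doc comment; `// NewRelicInsertKey returns the rule that detects New Relic insert keys (NRII- prefix).` would match Go convention.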

+ 8 - 0
config/gitleaks.toml

@@ -2367,6 +2367,14 @@ keywords = [
     "nrjs-",
 ]
 
+[[rules]]
+id = "new-relic-insert-key"
+description = "Discovered a New Relic insight insert key, compromising data injection into the platform."
+regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(NRII-[a-z0-9-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+keywords = [
+    "nrii-",
+]
+
 [[rules]]
 id = "new-relic-user-api-id"
 description = "Found a New Relic user API ID, posing a risk to application monitoring services and data integrity."