rspec/shared_content/secrets/fix/recent_use.adoc

**Analyze recent secret use**

When available, analyze authentication logs to identify any unintended or
malicious use of the secret since its disclosure date. Doing this will allow
determining if an attacker took advantage of the leaked secret and to what
extent.

This operation should be part of a global incident response process.
Modify rule S6652: Move content to shared directory (#2810) 2023-08-07 15:49:00 +02:00			`Analyze recent secret use`

			`When available, analyze authentication logs to identify any unintended or`
			`malicious use of the secret since its disclosure date. Doing this will allow`
			`determining if an attacker took advantage of the leaked secret and to what`
			`extent.`

			`This operation should be part of a global incident response process.`