Secret Scanner

FAST, SIMPLE AND EFFECTIVE

MITIGATION OF POTENTIAL SECURITY ISSUES.

Secure your repositories

Secrets and other sensitive data like personal data are frequent findings in software development repositories. Scans made by security researchers find that 16% of repositories on GitHub contain some form of secrets

Features

Rich feature set

Continuous scanning of commits based on rulesets that fits your organization, with filter system for whitelisting of matches and extendable filter system that enables secret validation against password managers.

Configurable alert system
Web ui for manual whitelisting of secrets
Everything packaged in containers for simple deployment
Simple configuration. Configure once per azure devops project.
Supports both on prem and cloud azure devops installations

customizable to your needs

Simple set up

Secret scanner is delivered with a pre-configured set of rules. With only one configuration per Azure DevOps project Secret Scanner will scan all your repositories. Even future ones.

Filter and whitelist

Our filter architecture enables us to develop extensions that can automatically confirm or whitelist secrets. T ogether with our manual Whitelisting functionality you have the possibility to implement an aggressive scanner ruleset and whitelist false positives.The explicit possibility to whitelist per repository, file and rule minimize the risk of secrets getting whitelisted by mistake.

Quick Feedback Notification

Alert

When secrets are found the system triggers an automatic alert. The alert method is configurable and extendable. Alert recipients are also configurable. Out of the box you can configure Secret Scanner to alert by mail or to Splunk ... or both.