@ScaleSecret ScannerSyncHub

Secure your repositories

Secure your repositories

Secrets and other sensitive data like personal data are frequent findings in software development repositories. Scans made by security researchers find that 16% of repositories on GitHub contain some form of secrets

Secret Scanner

FAST, SIMPLE AND EFFECTIVE MITIGATION OF POTENTIAL SECURITY ISSUES.

Features

Features

Continuous scanning of commits based on rulesets that fits your organization, with filter system for whitelisting of matches and extendable filter system that enables secret validation against password managers.

  • Configurable alert system
  • Web ui for manual whitelisting of secrets
  • Everything packaged in containers for simple deployment
  • Simple configuration. Configure once per azure devops project.
  • Supports both on prem and cloud azure devops installations

Simple set up

Simple set up

Secret scanner is delivered with a pre-configured set of rules. With only one configuration per Azure DevOps project Secret Scanner will scan all your repositories. Even future ones.

Filter and whitelist

Filter and whitelist

Our filter architecture enables us to develop extensions that can automatically confirm or whitelist secrets. T ogether with our manual Whitelisting functionality you have the possibility to implement an aggressive scanner ruleset and whitelist false positives.The explicit possibility to whitelist per repository, file and rule minimize the risk of secrets getting whitelisted by mistake.

Alert

Alert

When secrets are found the system triggers an automatic alert. The alert method is configurable and extendable. Alert recipients are also configurable. Out of the box you can configure Secret Scanner to alert by mail or to Splunk ... or both.

Get in touch