Continuous scanning of commits based on rulesets that fits your organization, with filter system for whitelisting of matches and extendable filter system that enables secret validation against password managers.

• Configurable alert system
• Web ui for manual whitelisting of secrets
• Everything packaged in containers for simple deployment
• Simple configuration. Configure once per azure devops project.
• Supports both on prem and cloud azure devops installations

Secret scanner is delivered with a pre-configured set of rules. With only one configuration per Azure DevOps project Secret Scanner will scan all your repositories. Even future ones.

Our filter architecture enables us to develop extensions that can automatically confirm or whitelist secrets. T ogether with our manual Whitelisting functionality you have the possibility to implement an aggressive scanner ruleset and whitelist false positives.The explicit possibility to whitelist per repository, file and rule minimize the risk of secrets getting whitelisted by mistake.

When secrets are found the system triggers an automatic alert. The alert method is configurable and extendable. Alert recipients are also configurable. Out of the box you can configure Secret Scanner to alert by mail or to Splunk ... or both.