Analysis tools logo
0

detect-secrets

An enterprise friendly way of detecting and preventing secrets in code. It does this by running periodic diff outputs against heuristically crafted regex statements, to identify whether any new secret has been committed. This way, it avoids the overhead of digging through all git history, as well as the need to scan the entire repository every time.

Github:
    260026001103262017
Workflow integration:
  • Type: cli
    cli

Official detect-secrets Homepage

https://github.com/Yelp/detect-secrets

Apache-2.0

Maintained

Alternative Tools

  • 0tfsec
  • 0trufflehog
  • 0Tsunami Security Scanner
  • 0Veracode
  • -1weggli