The Importance of Free Secret Detection, Even for Private Repositories
Secrets can pose significant risks to data access, production operations, third-party systems, and reputation. They are often found in various places like source code, logs, Docker images, Slack channels, or shared files. Git secrets scanning has become a commodity with popular open-source tools such as GitLeaks, Git-Secrets, and Detect-Secrets embedded in the development lifecycle. However, these secret scanners often introduce false positives leading to alert fatigue. Additionally, they need individual integration into each repository, causing configuration drift issues. Arnica offers free visibility for everyone and every deterministic piece of code, whether on public or private repositories, addressing risks and reducing the total cost of ownership across developer tools stack.
Company
Arnica
Date published
May 11, 2022
Author(s)
Nir Valtman
Word count
295
Language
English
Hacker News points
19