Overview

CodeAnt AI’s Secrets Detection feature ensures that you never accidentally commit sensitive information or secrets into your codebase. By stopping these potential security risks at the pull request stage, you can maintain a secure and compliant code environment.

Key Features

  • ArtifactoryDetector: Detects secrets related to Artifactory.
  • AWSKeyDetector: Identifies AWS access keys and secrets.
  • AzureStorageKeyDetector: Finds Azure storage keys.
  • BasicAuthDetector: Detects basic authentication credentials.
  • CloudantDetector: Identifies Cloudant database credentials.
  • DiscordBotTokenDetector: Finds Discord bot tokens.
  • GitHubTokenDetector: Detects GitHub access tokens.
  • GitLabTokenDetector: Identifies GitLab tokens.
  • Base64HighEntropyString: Detects high entropy Base64 strings that are likely secrets.
  • HexHighEntropyString: Identifies high entropy hexadecimal strings.
  • IbmCloudIamDetector: Detects IBM Cloud IAM credentials.
  • IbmCosHmacDetector: Finds IBM COS HMAC keys.
  • IPPublicDetector: Identifies public IP addresses that may be sensitive.
  • JwtTokenDetector: Detects JSON Web Tokens (JWT).
  • KeywordDetector: Uses keywords to identify potential secrets.
  • MailchimpDetector: Finds Mailchimp API keys.
  • NpmDetector: Identifies NPM tokens.
  • OpenAIDetector: Detects OpenAI API keys.
  • PrivateKeyDetector: Identifies private keys.
  • PypiTokenDetector: Finds PyPI tokens.
  • SendGridDetector: Detects SendGrid API keys.
  • SlackDetector: Identifies Slack tokens.
  • SoftlayerDetector: Finds SoftLayer credentials.
  • SquareOAuthDetector: Detects Square OAuth tokens.
  • StripeDetector: Identifies Stripe API keys.
  • TelegramBotTokenDetector: Finds Telegram bot tokens.
  • TwilioKeyDetector: Detects Twilio API keys.

How It Works

  1. Commit Code: Create a PR on your repository.
  2. Run Secrets Detection: CodeAnt AI scans your PR for any secrets or sensitive information.
  3. Block Commit: If any secrets are detected, you are notified of the issue on PR itself.
  4. Review and Remove: Review the identified secrets and remove them before re-committing your code.

Benefits

  • Enhanced Security: Prevent sensitive information from being exposed in your codebase.
  • Proactive Protection: Catch and address security risks before they reach production.
  • Compliance Assurance: Ensure your codebase complies with security and privacy standards.

Demo

For a detailed use case and step-by-step guide on how to utilize the secrets detection feature, check out our demo.

Chat with PRInfrastructure as Code (IaC) Analysis