Skip to main content

Secrets detection

Secrets detection is at core of GitGuardian's monitoring product offering.

What is a secret?#

A secret can be described as any key that provides access to sensitive information, services or assets. Generally these are API keys, encryption keys, Oauth tokens, certificates, PEM files, passwords, and passphrases.

We all know that Version Control Systems are not appropriate places to store secrets. Nonetheless, they are often found hardcoded into source code, within application logs and configuration files.

Guardian ensures that your secrets are not committed or hidden in your git history.

How does GitGuardian detect secrets?#

If you want to understand how GitGuardian has implemented its secrets detection engine, please read our documentation dedicated to this subject.

List of GitGuardian secrets detectors#

You can find the exhaustive list of GitGuardian secrets detectors in the settings of your workspace.

Secrets detectors list

You can activate or deactivate secrets detectors to refine your focus on incidents.

The frequency of a secrets detector is the number of matched secrets per million of commits.