GitGuardian scans your Docker images for secrets and sensitive data. Find hardcoded API keys, database credentials, private keys, and a lot more in your Docker images before publishing them to public or private artifact registries.
Sign up here. Once you’re done, generate your API key
to use ggshield, the GitGuardian CLI app.
Follow the steps in the documentation
to install ggshield on your machine.
Hooray 🎉 You can now scan your first Docker image
for hardcoded secrets. Run ggshield scan docker <IMAGE_NAME>.
Each month more than 10K developers protect their code using GitGuardian and join the community.
@GitGuardian I appreciate your security enhancement on my repositories. This is a greater solution to security and I believe if you try it you will actually be impressed. Gracias
I accidentally pushed a valid Slack Webhook URL into a github repository. In 5 minutes I got email from Slack and GitGuardian to warn me about the incident. That's great! 👏
👀 Finding secrets in Docker containers @GitGuardian scanned ~2K public containers, and found secrets in ~7% Pro tip: Use the Docker manifest file to focus on layers where either files are manually added or copied, or environment variables are modified
@GitGuardian Thanks for your help in keeping @dolibarr and @dolicloud safer.
Connect with our product experts
and get a 1:1 demo