Eliminate
secret sprawl
Clean your version control system and prevent secrets from making their way into your codebase.
Scott Chacon
GitHub
Reduce attack vectors for external hackers, malicious insiders, and compromised users
Be compliant with industry standards
Raise awareness amongst your developers teams by enforcing good development practices
Your developers client side (local git) and your git server
Many different types of secrets: API keys, database connection strings, credentials, certificates, …
With industry standards and best practices
Local git-friendly detection to prevent some secrets from entering the codebase.
Sophisticated detection to catch other secrets and prevent client side layer from being bypassed.