Introduction
Secret scanning tools comb through codebases, detecting patterns and signatures associated with known secrets, and alerting developers to potential vulnerabilities.
This guide details how to initiate and complete an SECRET scan on the platform.
Prerequisites:
You should be signed in with CloudDefense.ai. If not, please refer to our guide on creating a CloudDefense.ai account.
CloudDefense CLI
Gitleaks
Steps
To scan for secrets we need to pass “--no-git” flag from the CLI like,
// Some codecdefense full --api-key=6262fe7f-1434-2711-78fa-268ce4187339 --path=/opt/secretsandstuff --project-name=leaks --no-git
In the above command we pass our api-key, with the project path to scan and –no-git to include secret scans.
Once scans finish we can look the data in UI
And once expanded ,we can see our data
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article