SecretScanner v2.0 releases: Find secrets and passwords in container images and file systems

What are Secrets?

Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure (such as accounts, devices, network, cloud-based services), applications, storage, databases, and other kinds of critical data for an organization. For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key, etc. are secrets. Secrets should be strictly kept private. However, sometimes attackers can easily access secrets due to flawed security policies or inadvertent mistakes by developers. Sometimes developers use default secrets or leave hard-coded secrets such as passwords, API keys, encryption keys, SSH keys, tokens, etc. in container images, especially during rapid development and deployment cycles in CI/CD pipeline. Also, sometimes users store passwords in plain text. Leakage of secrets to unauthorized entities can put your organization and infrastructure at a serious security risk.

Deepfence SecretScanner helps users scan their container images or local directories on hosts and outputs a JSON file with details of all the secrets found.

Check out our blog for more details.

Changelog v2.0

• Merging for optimise memory commit by @saurabh2253 in #86
• v2-handle-stuck-job: Handle stale or stuck jobs by @varunsharma0286 in #93
• use-ticker: Use ticker instead of timer for periodic task by @varunsharma0286 in #94
• Update dependencies by @ramanan-ravi in #95
• ISSUE-1830: Adding support for stopping the scan by @varunsharma0286 in #98
• add table output for cli by @gnmahanth in #97

Install & Use

Copyright (c) 2020 deepfence