Secrets and PII
Detects, analyzes, and manages sensitive data such as API keys, passwords, credentials, and personally identifiable information across source code repositories, configuration files, and deployed applications. It tracks exposure lifecycle from detection through remediation to ensure compliance with privacy regulations.
Required Blueprints: GitHub, Azure DevOps, Azure, Bitbucket, AWS
Sightlines
| Sightline | Description |
|---|---|
| Container PII and Secret Detection | Provides visibility into sensitive data exposure risks within container images, helping identify and remediate potent... |
| Code PII and Secret Detection | Offers visibility into secrets identified within Git repositories, enabling proactive remediation and enhanced securi... |
Explorer Node Types
Use these node types in Explorer or KAI to query resources surfaced by this analyzer:
sca.secretscan.Finding
Related Analyzers
- Repository — Secrets discovered in source code repositories
- Code — PII and secrets found alongside code vulnerabilities
- IaC — Hardcoded secrets in Terraform and CloudFormation files
- Software Composition Analysis — Secrets in container images and packages