Secrets Exposure
Detect leaked credentials, API keys, and certificates across code, configs, and runtime surfaces.
Total Findings
8
Critical
2
keys in source
Open
5
not yet fixed
Fixed (30d)
2
+20%vs prior period
Active Findings
Open and recently-resolved secret exposures
AWS Access Key in source codeCriticalapi key
api-gateway/src/main.go:142·detected 7/1/2026
open
Stripe Secret Key in env fileCriticalapi key
checkout-api/.env.example:8·detected 6/29/2026
open
GitHub PAT in CI logsHightoken
ci-logs/build-8821.log·detected 6/28/2026
fixed
Private SSH key in Docker imageHighprivate key
billing-service/Dockerfile·detected 6/26/2026
open
Database password in Helm valuesHighpassword
k8s/postgres/values.yaml:24·detected 6/24/2026
fixed
JWT signing secret in commit messageMediumtoken
git:web-app@a3f2c1b·detected 6/22/2026
open
Slack webhook URL in codeLowtoken
alerts/src/notify.go:67·detected 6/20/2026
ignored
Expired TLS certificate detectedMediumcertificate
edge/lb-prod-eu-west-1·detected 6/18/2026
open
Severity Breakdown
Distribution of all findings
Critical2
High3
Medium2
Low1
Scan History
Last 5 scheduled scans
All repositories
7/2/2026, 5:00:00 AM
8
+2 new
All repositories
7/1/2026, 5:00:00 AM
7
+1 new
All repositories
6/30/2026, 5:00:00 AM
6
All repositories
6/29/2026, 5:00:00 AM
6
+3 new
All repositories
6/28/2026, 5:00:00 AM
4
+1 new