Secrets Exposure

Secrets Exposure

Detect leaked credentials, API keys, and certificates across code, configs, and runtime surfaces.

Total Findings

8

Critical

2

keys in source

Open

5

not yet fixed

Fixed (30d)

2
+20%vs prior period

Active Findings

Open and recently-resolved secret exposures

AWS Access Key in source codeCriticalapi key
api-gateway/src/main.go:142·detected 7/1/2026
open
Stripe Secret Key in env fileCriticalapi key
checkout-api/.env.example:8·detected 6/29/2026
open
GitHub PAT in CI logsHightoken
ci-logs/build-8821.log·detected 6/28/2026
fixed
Private SSH key in Docker imageHighprivate key
billing-service/Dockerfile·detected 6/26/2026
open
Database password in Helm valuesHighpassword
k8s/postgres/values.yaml:24·detected 6/24/2026
fixed
JWT signing secret in commit messageMediumtoken
git:web-app@a3f2c1b·detected 6/22/2026
open
Slack webhook URL in codeLowtoken
alerts/src/notify.go:67·detected 6/20/2026
ignored
Expired TLS certificate detectedMediumcertificate
edge/lb-prod-eu-west-1·detected 6/18/2026
open

Severity Breakdown

Distribution of all findings

Critical2
High3
Medium2
Low1

Scan History

Last 5 scheduled scans

All repositories
7/2/2026, 5:00:00 AM
8
+2 new
All repositories
7/1/2026, 5:00:00 AM
7
+1 new
All repositories
6/30/2026, 5:00:00 AM
6
All repositories
6/29/2026, 5:00:00 AM
6
+3 new
All repositories
6/28/2026, 5:00:00 AM
4
+1 new

Command Palette

Search for a command to run...