How SecretRadar Works

Detect

Scan multiple sources for hidden secrets. SecretRadar Scanner scans beyond code repositories to identify secrets hidden in ZIP archives, Docker images, Git commit history, and more.

Filesystem Scanner
  • ZIP file extraction and analysis
  • Recursive directory scanning
  • Multiple file type support
Git Repository Scanner
  • Full commit history analysis
  • All branches and tags
  • Commit message scanning
Docker Image Scanner
  • All image layers extraction
  • Filesystem content analysis
  • Embedded secrets detection

Analyze

Our detection engine uses 916+ specialized detectors to identify secrets from popular services and platforms. Advanced filtering and verification systems ensure high-quality results.

916+ Specialized Detectors
  • AWS, Azure, GCP cloud services
  • GitHub, GitLab, Bitbucket
  • Slack, Discord, Microsoft Teams
  • 900+ API keys and tokens
Intelligent Pre-Filtering
  • Aho-Corasick algorithm for keyword matching
  • 70-90% performance boost
  • Only relevant detectors executed
Multi-Layer Filtering
  • False positive detection
  • Shannon entropy analysis
  • Custom detector filters

Process

SecretRadar uses advanced scan engines optimized for different scenarios, with intelligent decoding and deduplication to ensure comprehensive and efficient scanning.

Sequential Engine
  • Processes chunks one at a time
  • Ideal for smaller repositories
  • Lower memory footprint
Concurrent Engine
  • Parallel processing with worker threads
  • Optimized for large-scale scans
  • Configurable concurrency
Advanced Decoders
  • Base64, UTF-8, UTF-16 decoding
  • Escaped Unicode support
  • Automatic format detection

Report

Get detailed scan results with verified and unverified secrets, complete with metadata, file paths, line numbers, and source information for easy remediation.

Verification System
  • Pluggable IVerifier interface
  • API-based credential validation
  • Reduced false positives
Detailed Metadata
  • File paths and line numbers
  • Commit information (Git)
  • Layer details (Docker)
Notifications
  • Email notifications on completion
  • Slack integration
  • Job status tracking
916+
Specialized Detectors
3
Scan Sources
70-90%
Performance Boost

Ready to get started?

Start scanning your repositories, Docker images, and filesystems today

Start a Scan