Feature Overview
Datadog Code Security Secret Scanning helps you prevent credential leaks and secure sensitive data across your codebase, repositories, and pipelines. By scanning for exposed API keys, tokens, and passwords directly in source code and configuration files, Secret Scanning helps you to find and fix risks early. Integrated with your version control systems and CI/CD workflows, Code Security Secret Scanning automatically blocks commits and merges containing sensitive information and validates exposures in real time with third-party providers to prioritize active threats.
Prevent credential leaks before they reach production
- Scan source code repositories to automatically detect exposed passwords, API keys, and encryption keys before they ever leave your development environment
- Alert your team instantly with context-enriched findings that surface leaked secrets within your repositories
- Validate live credentials to reduce false positives and prioritize the most critical exposures
Keep AI-generated code secure
- Validate machine-generated source code automatically to ensure no confidential credentials are leaked through agents
- Accelerate the release of AI-generated code, safely
- Datadog severity score helps prioritize the findings
Plug into your existing development process
- Integrate directly with GitHub, GitLab, Azure DevOps, and CI/CD platforms to run automated scans without changing how your teams work.
- Add scanning steps to your existing build and deployment pipelines using lightweight integrations that fit into current automation frameworks.
- Easily integrate security with your development workflows for immediate alerting and triage.
