Hi, I was wondering if anyone has implemented anything for secure code scanning? (i.e. scanning code written in the platform, using tools like code repositories, to scan for sensitive things like keys, passwords etc).
If you can persist the code that needs to get scanned into a dataset, then you can use Sensitive Data Scanner to run ad-hoc or automated scans for various types of sensitive data found in the code.
For example, Sensitive Data Scanner ships with a built-in “Match Condition” to match JSON Web Tokens, and you can further customize that Match Condition or write your own completely custom Match Conditions for other types of sensitive data, like known insecure passwords, a specific key you’re looking for, etc.
1 Like