Hello from Cremit! We're excited to announce our first major update, dedicated to safeguarding your organization's security. This update focuses on effectively detecting and managing non-human identities (like API keys, certificates, service account credentials) hidden within your code repositories.

✨ New Features

• Deep Scan Integration for GitHub & GitLab:

  • Accurately detects exposed API keys, secrets, certificates, and other NHIs by scanning the entire history of your public and private repositories.

  • Identifies potential threats in various locations, including commit messages, code comments, and configuration files.

• Initial Dashboard Launch:

  • Provides a basic dashboard offering an at-a-glance overview of detected NHIs, including their type, location, severity, and associated repository.

• Basic Alert Configuration:

  • Instantly notifies administrators via email upon the detection of new non-human identities.

🛠️ Improvements

• Optimized Git Scanning Engine: Improved performance for scanning large repositories and extensive commit histories, reducing detection time.

• Refined Detection Patterns: Enhanced accuracy in detecting sensitive information that could pose actual threats, while reducing false positives.

📣 What's Next? We plan to support more code repositories and enhance contextual information for detected identities. Build a secure development environment with Cremit!