Blog: How BluBracket identifies risks in source code to enhance code security

There has been a surge in the number of organizations that have reported theft of source code, exposure of secrets in code and, in many cases, exposure of their proprietary code in external repositories due to unauthorized access or code leaks.

In a recent survey we conducted with ESG that included 350 IT, application security and developer teams, it was determined that 31% of organizations have reported secrets stolen from their git repositories. Most application security tools do not recognize these secrets. (Can you imagine a bank saying “a third of our depositors have money stolen from their account”, and still remaining in business?)

What is BluBracket?

BluBracket is a code and git security suite that identifies risks in your code, monitors who and what has access to your code, and tracks where your code goes outside your git repos.

BluBracket automates the detection, identification, and removal of secrets in code. BluBracket identifies all categories that make up secrets in code, ranks them by risk and provides a means to remediate. BluBracket protects code from leaking into public repositories and prevents secrets and IP from getting into the wrong hands. 

BluBracket works across multiple git providers, integrates with enterprise CI/CD tools, version control, code servers, identity and access management systems, messaging, ticketing and many other IT resources.

BluBracket use-cases 

Who is BluBracket for? 

BluBracket is for individual developers, development and appsec teams of all sizes, and enterprise infosec teams.

How BluBracket works 

BluBracket has two parallel modes of operation:

  1. As a SaaS suite providing protection and alerts across a codebase, supporting the detection, analysis, and remediation of security risks in the code and related to code access
  2. As a local code security tool, with integrations to popular IDEs to support immediate identification of potential risks in the code, without the risk of sending that code to remote servers

And BluBracket integrates at multiple points in the SDLC workflow:

Where does BluBracket integrate? 

BluBracket helps answer three critical questions

BluBracket helps application security teams and development teams assess and mitigate risks in code by answering three critical questions:

  1. What’s in your code? Including dependencies, behavioral risks and content risks
  2. Who has access? Access and configuration monitoring as well as enforcement from code to delivery
  3. Where is it going? Active intelligence and monitoring for intentional and unintentional leaks of secrets in code.

How to get started with BluBracket 

Our Community Edition is always free, and you can do a no-obligation trial of our Team Edition; just sign in here to get started. Interested in all our features? Contact our customer success team for a free Enterprise Edition demo. See all the steps to getting started for free, online here.
