BluBracket performs a deep scan of every commit in your repository to determine your comprehensive Risk Score.
Check for hardcoded secrets in your commit history.
Common ways to reduce your Risk Score include:
Fixing coding mistakes by using environment variables or integrating a Secrets Management tool
Invalidating active tokens
Re-writing problematic commit history
Discover who has access to your code.
Tighten security on your repository by limiting the number of owners and removing inactive collaborators.
Identify git misconfigurations in your repository.
Reduce your Risk Score by configuring your repository to:
Invalidate stale reviews
Set branch protection rules
Restrict direct pushes across any branch
Track copies of sensitive code.
BluBracket alerts let you quickly identify proliferation of vital IP within your organization.
Pre-commit checks
The BluBracket CLI performs pre-commit checks locally to prevent new risks from sneaking into your repository history.
Prevent coding mistakes before they are saved to your local commit history.
Ensure developers use environment variables or integrate a Secrets Management tool early in the development process.
Block the use of sensitive language or Personally Identifiable Information (PII) in your code.
Command line alerts catch when sensitive or exclusive language is used in your code. Create a regular expression to identify custom terms or PII.
Eliminate unsigned commits.
BluBracket alerts you when commits are unsigned and assists with configuring commit signing.
PR Checks
BluBracket scans all changes once a pull request is created to ensure new risks are not merged into your codebase.
Catch hardcoded secrets before they are inadvertently pushed to a remote feature branch.
Automatically post alerts to Slack, Jira or ServiceNow to ensure developers fix their coding mistakes and scrub remote feature branches containing secrets.
Flag use of sensitive language or Personally Identifiable Information (PII) before it’s merged.
Create regular expressions to raise alerts and block sensitive or exclusive language or PII from being merged into your codebase.
Identify misconfigurations with Infrastructure as Code (IaC)
Reduce your Risk Score by following remediation tips to properly configure your Infrastructure as Code (IaC).
Post merge validation
BluBracket performs post-merge build validations as part of your CI/CD process.
Escalate alerts when hardcoded secrets are merged into your main branch.
Integrate with your CI/CD tools to automatically fail daily or nightly builds. Create alerts and escalate to your team via Slack, PagerDuty, or ServiceNow to ensure secrets are immediately revoked, if necessary.
Scan containers for secrets.
Configure the BluBracket Scanner to monitor Docker images, file archives and network locations for secrets.
Monitor public repositories for your vital IP.
BluBracket regularly scans public repositories for code fingerprints that may have leaked into the extended universe. Follow actionable remediation URLs to fix issues quickly.