Cremit | Vigilant Ally: Helping Developers Secure GitHub Secrets

Announcement

Ben Kim

December 3, 2024

4-minute read

Sensitive information like API keys, credentials, and tokens frequently find their way into code repositories, creating vulnerabilities for organizations. To address this growing challenge, Cremit has launched Vigilant Ally, an initiative designed to help developers secure their secrets on GitHub.
Vigilant Ally isn’t just about detecting leaks—it’s about empowering developers to adopt secure coding practices and take control of their secrets management with tools like Probe, Cremit’s secret detection tool.

The Rising Threat of Secrets Leaks

In today’s collaborative development environments, the accidental exposure of sensitive data is all too common. A single exposed API key can lead to unauthorized access, compromised systems, and even costly data breaches. Vigilant Ally aims to minimize these risks by supporting the developer community by proactively detecting secrets in GitHubs depositories and alerting the developer swiftly.

How Vigilant Ally Supports Developers

Vigilant Ally bridges the gap between security and development, offering:

• Proactive Scanning: Continuously monitoring GitHub repositories to detect leaked secrets.

• Real-Time Notifications: Developers are alerted immediately when a potential leak is found, enabling quick action.

Screenshot of a Cremit email alerting user about a detected credential leak on their Github account.

• Clear Remediation Steps: Alerts include author, path and other information relevant to help mitigate the risk of compromised secrets.

• Community Awareness: Vigilant Ally is part of Cremit’s mission to foster a culture of security within the development community.

Start Protecting Secrets Proactively

Space probe in orbit around planet Earth, with continents and clouds visible below.

While the Vigilant Ally program works to keep GitHub a safe space, there are many other working spaces where secrets could accidentally leak. For that, we have Probe, Cremit’s Secret’s Leak detection tool, which continuously monitors for leaks. Designed to seamlessly integrate into your workflow, Probe helps developers:

1. Catch Issues Early: By identifying exposed secrets as they appear.

2. Minimize Risk: Protect sensitive assets before they can be exploited.

3. Stay Focused: Automated detection and guidance free up developers to concentrate on building great software.

Subscribe to Probe and Start Protecting Secrets Today

Vigilant Ally is a commitment to helping developers safeguard their work. By using Probe, Cremit’s advanced secret detection tool, you can take the first step toward secure DevSecOps practices.

Visit the Vigilant Ally page to learn more about the program and discover how Probe can help you protect your secrets by signing up right now or book a demo.

Unlock AI-Driven Insights to Master Non-Human Identity Risk.

Go beyond basic data; unlock the actionable AI-driven insights needed to proactively master and mitigate non-human identity risk

Get started

A dark-themed cybersecurity dashboard from Cremit showing non-human identity (NHI) data analysis. Key metrics include “Detected Secrets” (27 new) and “Found Sensitive Data” (58 new) from Jan 16–24, 2024. Two donut charts break down source types of detected secrets and sensitive data by platform: GitHub (15k), GetResponse (1,352), and Atera (352), totaling 16.9k. The dashboard includes a line graph showing trends in sensitive data over time, and bar charts showing the top 10 reasons for sensitive data detection—most prominently email addresses and various key types (API, RSA, PGP, SSH).

Blog

Explore more news & updates

Stay informed on the latest cyber threats and security trends shaping our industry.

OWASP NHI5:2025 Insecure Authorization Deep Dive

Explore OWASP NHI5: Insecure Authorization. See how Non-Human Identities gain excess privileges, causing breaches. Learn countermeasures like Zero Trust & least privilege.