Here to share the November 2024 updates and new features with you. 🙂
This update focuses on enhancing features optimized for the Korean market and increasing transparency in security management.
• Expanded verification feature for Korean SaaS API keys, including TossPay and NCP
• Added Audit Logs feature
• Added Scheduled Report feature
• Added Chat Support feature
You can sign up and start using Cremit at start.cremit.io.
Feel free to reach out anytime at hi@cremit.io!
We provide audit logs for security auditing and regulatory compliance.
The alert system has been further enhanced. Now, you can regularly monitor the status of your organization’s secrets and receive the following information periodically via Slack and Telegram.
We have introduced a live chat system to improve the technical support experience. Now, technical inquiries and issue resolution can be handled more quickly in both Korean and English.
Now, Cremit supports integration with additional tools to help you manage credential exposure in a centralized way.You can integrate with both BitBucket (for source code management) and GoogleDrive (for cloud storage).
• For BitBucket, choose between the App Password or Access Token method based on your license type.
• For Google Drive, integration is available via your Google Cloud Service Account. For detailed setup instructions, visit our Help Center.
We’ve improved the functionality to track and manage leaked credentials more effectively. You can now see the exact location and status of any exposed credential.
• Contextual Data: View more information around each credential for better understanding and decision-making.
• Action Details: Easily access data on the credential’s active status and location details, so you can address leaks faster.
Our AI-powered remediation features make it easier to understand potential risks from exposed secrets and guide you on next steps.
• Credential ExposureDashboard: Now, all threats are visible at a glance, helping you focus on the highest-priority issues without searching credential-by-credential.
• Comprehensive ActionInformation: Access all essential data to prioritize and take swift action oninternal exposures.
We’ve introduced an Incident Workflow that lets you ticket and track remediation actions directly within the Cremit web console.
• Ticket Creation: Generate incident tickets directly from the Secret, Sensitive, and Exposure screens.
• Action Status Logs: The newTimeline feature logs each action, providing a comprehensive audit trail and making it easier to manage ongoing incidents.
Our pricing structure is changing (note: existing users on lifetime plans remain unaffected). The base platform cost is now lower, with new charges based on user volume and risk levels.
• Leaked Author (Risk) Fee: Fees now depend on the unique authors who have exposed credentials, not on the total number of exposures per author.
• Operation Fee: Aper-member, per-month fee based on the number of users actively using Cremit.
We’ve introduced a LightMode theme following requests from customers who experienced challenges with reporting in Dark Mode. Now, by default, Cremit will automatically match your system theme settings. If you’d like to switch manually, you can change themes via the profile button in the top-right corner.
Previously, users needed to register a card to access the Free Plan. Now, in response to user feedback, you can use theFree Plan without entering card details, making it easier to try Cremit.
• Upon login, no card registration is required, you’ll automatically be set up for an initial scan.
• Need help onboarding? Reach out to us anytime at hi@cremit.io for assistance.
After months of development and rigorous testing, we’re excited to unveil Probe, Cremit’s latest detection engine! With advanced AI-powered technology, our team has dramatically improved both the accuracy and speed of credential detection.
Hello, this is Ben from Cremit!
We’re excited to announce our latest updates for February 2024. Cremit is currently available as a Private Beta; if you’re interested, please reach out to hi@cremit.io to get started.
Cremit now exclusively supports highly secure, passwordless login methods to enhance security. You can log in through Magic Link or PassKey by default, and with SSO setup, you can also log in through Single Sign-On (SSO).
• SSO Settings: Access SSO settings from the designated menu.
• PassKey Setup: Set up PassKey authentication in your profile after logging in.
• Need help? Contact us, and we’ll be happy to assist you!
You now have greater control over your notifications, allowing you to customize notifications for Secret Detection and Sensitive Data events according to your needs.
• Active Secret Notifications: Set notifications specifically for ActiveSecrets, Inactive Secrets, or both.
• Sensitive Data &Secret Classification: Configure notifications based on two main categories—Sensitive Data and Secret.
• Slack Integration: Configure multiple Slack channels and set up multiple notification policies that can operate simultaneously.
We now support SSO login through SAML, making it easy to integrate with your organization’s identity provider (IDP).
• Guided Setup: Find setup guides for popular IDPs like Okta, Google SAML, AAD (Entra ID), JumpCloud, andPing during the configuration process.
• Other IDPs: If you’re using a different IDP, simply select the SAML 2.0 menu and enter the required information.
• Group Mapping: Automate user onboarding with GroupMapping, which sets up roles and creates services according to your IDP groups, streamlining the process after initial setup.
Hello, this is Ben from Cremit!
We’re excited to share our latest updates forJanuary 2024. Cremit is currently available as a Private Beta; if you’re interested, contact us at hi@cremit.io.
Cremit now integrates with Notion to help you scan for secrets and sensitive data within your workspace.
• Easy Integration: Connect through theNotion Application, compatible with both individual and organizational workspaces.
• Data Browsing: Access scanned sensitive data and secrets (like API keys) directly within Notion.
• Detailed Guide: For setup assistance, see the integration guide at support.cremit.io.
We’ve updated our Sensitive Data detection to include key PII patterns specific to Korea. Cremit now detects the following:
• Resident Registration Number
• Driver’s License Number
• Passport Number
• Bank Account Number
• Credit Card Number
How to Access: Existing customers can view these new data patterns under the Sensitive Data tab with no additional setup.If you’d like us to add more patterns, please reach out to hi@cremit.io!
We’ve officially launched our Support Center for all users, complementing the Slack Connect channel previously available only to select customers.
• Knowledge Portal: Access guides and resources to help you get the most out of Cremit.
• Easy Ticketing: For support requests, submit a ticket, and our team will keep you updated on your request status.
Hello, this is Ben from Cremit!
We’re excited to share our first update for December 23. Cremit is currently available as a Private Beta; if you’d like to join, please reach out to us at hi@cremit.io.
We’ve refreshed the Cremit color scheme to provide a more comfortable and visually accessible experience. The dashboard now features high-visibility colors for elements like statistical charts, table data, and highlights, making it easier to navigate and interpret data.
The dashboard has been updated to include more comprehensive statistics. Now, you can view at a glance:
• The number of Secret (API Key) leaks
• The number of sensitive information leaks
• Statistics on types of leaked data and leakage points
This addition makes it easier to monitor and assess data security trends across your organization.
Previously, the Secret Table only displayed data such as activation status, leakage date, and data type. Now, you can also see which user was responsible for each leak, providing greater transparency and accountability.
We’ve introduced role-based permissions to provide more control over user access:
• Administrator: Full access to all functionality
• Writer: Can modify settings and create data
• Reader: Limited to view-only access
This change enhances security by assigning appropriate access levels based on user roles.