November 25, 2024

Cremit Changelog | November 2024

We're here to share the November 2024 updates and new features with you. 🙂
This update focuses on enhancing features optimized for the Korean market and increasing transparency in security management.

• Expanded verification feature for Korean SaaS API keys, including TossPay and NCP

• Added Audit Logs feature

• Added Scheduled Report feature

• Added Chat Support feature

You can sign up and start using Cremit at start.cremit.io.

Feel free to reach out anytime at hi@cremit.io! 

Expanded Verification of API keys for Korean SaaS Services

A colorful digital illustration featuring cybersecurity and privacy-related icons in a modern, stylized design. The image includes symbols such as padlocks, magnifying glasses, an email envelope, a computer screen with a keyhole, and a security alarm, all in shades of blue, pink, and purple. The background has a gradient effect, transitioning from blue to purple.
  • Cremit’s credential (non-human identities, sensitive information) detection and verification patterns are now further optimized for the Korean market.
  • In addition to the existing 900+ verification patterns, we now support API key verification for Toss Payments and Naver Cloud Platform (NCP)

Audit Logs Feature

We provide audit logs for security auditing and regulatory compliance.

  • User login/logout
  • Integration setup changes
  • User permission management
  • Changes to settings such as SAML

Scheduled Reports Feature

A user interface screenshot of Cremit’s alert management system, displaying a modal window titled “Add Telegram Alert.” The modal allows users to configure Telegram notifications for security events by entering a Telegram Chat ID, label, and scheduling reports. Options for selecting days of the week, time, and enabling alerts for secrets and sensitive data are visible. The background shows a blurred dashboard with navigation options, including “Dashboard,” “Incident,” “Secret,” “Sensitive Data,” “Integration,” “Alert,” “Audit Logs,” and “Setting.” The interface has a clean design with a blue and purple gradient background.

The alert system has been further enhanced. Now, you can regularly monitor the status of your organization’s non-human identities and receive the following information periodically via Slack and Telegram.

  • Status of active/inactive NHI with trend analysis
  • Secret statistics by Integration
  • Trends in NHIs and sensitive information growth

Chat Support Feature

Screenshot of the Cremit security dashboard, displaying weekly secret statistics, source type statistics with a pie chart, and sections for active secret count and recent detected secrets. The left sidebar includes navigation options like Dashboard, Incident, Secret, Sensitive Data, Integration, Alert, Audit Logs, and Settings. A chat widget on the right shows an automated message from a support bot. The interface features a clean, modern design with real-time security insights and user-friendly navigation.

We have introduced a live chat system to improve the technical support experience. Now, technical inquiries and issue resolution can be handled more quickly in both Korean and English.

June 26, 2024

Cremit Changelog | June 2024

Expanded Integration Scopes

Cremit security dashboard showcasing integration options with popular development and collaboration tools like GitHub, GitLab, Jira, Confluence, and Notion. Enhance security by uncovering hidden credentials across platforms.

Now, Cremit supports integration with additional tools to help you manage credential exposure in a centralized way.You can integrate with both BitBucket (for source code management) and GoogleDrive (for cloud storage).

• For BitBucket, choose between the App Password or Access Token method based on your license type.

• For Google Drive, integration is available via your Google Cloud Service Account. For detailed setup instructions, visit our Help Center.

Usability Enhancements

Cremit security dashboard displaying an exposed Notion credential detected in a GitHub repository. Includes exposure date, first and last seen timestamps, active status, and recognitions across multiple platforms. The GitHub repository section highlights the detected secret in code, along with commit details, author email, and path information. Security insights help developers mitigate credential leaks effectively.

We’ve improved the functionality to track and manage leaked credentials more effectively. You can now see the exact location and status of any exposed credential.

• Contextual Data: View more information around each credential for better understanding and decision-making.

• Action Details: Easily access data on the credential’s active status and location details, so you can address leaks faster.

Enhanced RemediationOptions

AI-powered security remediation report in Cremit detailing leaked Notion API key risks, severity of the incident, potential risk factors, and steps to resolve security vulnerabilities.

Our AI-powered remediation features make it easier to understand potential risks from exposed secrets and guide you on next steps.

• Credential Exposure Dashboard: Now, all threats are visible at a glance, helping you focus on the highest-priority issues without searching credential-by-credential.

• Comprehensive ActionInformation: Access all essential data to prioritize and take swift action oninternal exposures.

Incident Management Improvements

Cremit security incident overview detailing an unresolved AWS secret exposure. Displays exposure date, first and last seen timestamps, status changes, and an activity timeline for tracking resolution.

We’ve introduced an Incident Workflow that lets you ticket and track remediation actions directly within the Cremit web console.

• Ticket Creation: Generate incident tickets directly from the Secret, Sensitive, and Exposure screens.

• Action Status Logs: The newTimeline feature logs each action, providing a comprehensive audit trail and making it easier to manage ongoing incidents.

Updates to Pricing Policy

Cremit billing dashboard displaying business plan details, leaked author fee, and operation fee for managing security services. Includes a list of users with their email addresses and roles.

Our pricing structure is changing (note: existing users on lifetime plans remain unaffected). The base platform cost is now lower, with new charges based on user volume and risk levels.

• Leaked Author (Risk) Fee: Fees now depend on the unique authors who have exposed credentials, not on the total number of exposures per author.

• Operation Fee: Aper-member, per-month fee based on the number of users actively using Cremit.

April 27, 2024

Cremit Changelog | April 2024

Light Theme Update

Cremit security dashboard displaying user profile settings with email address, theme toggle for light and dark mode, and options to add a passkey or log out. Found sensitive data count displayed.

We’ve introduced a LightMode theme following requests from customers who experienced challenges with reporting in Dark Mode. Now, by default, Cremit will automatically match your system theme settings. If you’d like to switch manually, you can change themes via the profile button in the top-right corner.

Free Plan Update

Cremit security platform integration options featuring GitHub, GitLab, Jira, Confluence, and Notion. The dashboard promotes secure collaboration by detecting hidden credentials across development and project management tools. Optimize security workflows with seamless integrations.

Previously, users needed to register a card to access the Free Plan. Now, in response to user feedback, you can use theFree Plan without entering card details, making it easier to try Cremit.

• Upon login, no card registration is required, you’ll automatically be set up for an initial scan.

• Need help onboarding? Reach out to us anytime at hi@cremit.io for assistance.

Probe Engine Launch

After months of development and rigorous testing, we’re excited to unveil Probe, Cremit’s latest secret detection engine! With advanced AI-powered technology, our team has dramatically improved both the accuracy and speed of credential detection.

  • Why Probe? Like a space probe exploring new frontiers, our engine dives deep into your data landscape, “probing” for hidden threats and delivering unparalleled insights.
  • AI-Powered Detection: Unlike traditional heuristic or regex-based detection, Probe harnesses AI to identify PII and other sensitive information across diverse sources, significantly minimizing false positives.
  • Speed & Efficiency: Probe sets a new standard in credential detection, processing data at over twice the speed of most third-party tools and up to 8.8 times faster with large datasets. It’s the market’s fastest solution for credential detection.
March 1, 2024

Cremit Changelog | February 2024

Hello, this is Ben from Cremit!

We’re excited to announce our latest updates for February 2024. Cremit is currently available as a Private Beta; if you’re interested, please reach out to hi@cremit.io to get started.

Secure, Passwordless Login

Cremit login page featuring multiple authentication options, including email-based Magic Link, Single Sign-On (SSO), and Passkey login for enhanced security. The interface includes a privacy notice and terms of service agreement. Secure access with flexible authentication methods.

Cremit now exclusively supports highly secure, passwordless login methods to enhance security. You can log in through Magic Link or PassKey by default, and with SSO setup, you can also log in through Single Sign-On (SSO).

• SSO Settings: Access SSO settings from the designated menu.

• PassKey Setup: Set up PassKey authentication in your profile after logging in.

• Need help? Contact us, and we’ll be happy to assist you!

More Detailed Notification Policies

Cremit Slack integration settings for secret detection notifications. Users can configure a target Slack channel ID, set a label, and choose alert preferences for active, inactive, or both types of detected secrets. Includes options to delete the configuration or submit changes. Enhance security monitoring with Slack alerts for sensitive data exposure.

You now have greater control over your notifications, allowing you to customize notifications for Secret Detection and Sensitive Data events according to your needs. 

• Active Secret Notifications: Set notifications specifically for ActiveSecrets, Inactive Secrets, or both.

• Sensitive Data &Secret Classification: Configure notifications based on two main categories—Sensitive Data and Secret.

• Slack Integration: Configure multiple Slack channels and set up multiple notification policies that can operate simultaneously.

SSO Login via SAML

Cremit SAML configuration settings page displaying identity provider (IdP) options including Okta, Google SAML, Azure AD, JumpCloud, and Ping for secure authentication. Users can configure SAML 2.0 directly and set a redirect URL for seamless login integration. Enhance enterprise security with SAML-based single sign-on (SSO) authentication.

We now support SSO login through SAML, making it easy to integrate with your organization’s identity provider (IDP).

• Guided Setup: Find setup guides for popular IDPs like Okta, Google SAML, AAD (Entra ID), JumpCloud, andPing during the configuration process.

• Other IDPs: If you’re using a different IDP, simply select the SAML 2.0 menu and enter the required information.

• Group Mapping: Automate user onboarding with GroupMapping, which sets up roles and creates services according to your IDP groups, streamlining the process after initial setup.

January 12, 2024

Cremit Changelog | January 2024

Hello, this is Ben from Cremit!

We’re excited to share our latest updates forJanuary 2024. Cremit is currently available as a Private Beta; if you’re interested, contact us at hi@cremit.io.

Notion Integration for Secrets & Sensitive Data Scanning

Cremit integration request for Notion access, prompting user Ben Kim to grant permissions for viewing, editing, and commenting on selected pages, as well as accessing workspace user details. The interface ensures secure API integration with a consent confirmation. On the right side, GitLab and Notion connection options are visible, allowing seamless authentication and data synchronization.

Cremit now integrates with Notion to help you scan for non-human identities and sensitive data within your workspace.

• Easy Integration: Connect through theNotion Application, compatible with both individual and organizational workspaces.

• Data Browsing: Access scanned sensitive data and NHIs (like API keys) directly within Notion.

• Detailed Guide: For setup assistance, see the integration guide at support.cremit.io.

New Patterns for Scanning PII Data in Korea

Cremit sensitive data monitoring dashboard displaying detected confidential information such as Korean passport numbers, bank account details, and credit card numbers. Users can filter results by source type and reason for exposure. A tooltip reveals metadata, including the author, detection date, and inclusion timestamp. Enhance data security with real-time sensitive information tracking.

We’ve updated our Sensitive Data detection to include key PII patterns specific to Korea. Cremit now detects the following:

• Resident Registration Number

• Driver’s License Number

• Passport Number

• Bank Account Number

• Credit Card Number

How to Access: Existing customers can view these new data patterns under the Sensitive Data tab with no additional setup.If you’d like us to add more patterns, please reach out to hi@cremit.io!

Support Center Now Available!

Cremit support center homepage featuring a knowledge base and ticketing system. Includes a search bar for articles, category filters, and support topics like account creation and system integration. Users can switch between English and Korean for multilingual assistance. Contact support at hi@cremit.io for help.

We’ve officially launched our Support Center for all users, complementing the Slack Connect channel previously available only to select customers.

• Knowledge Portal: Access guides and resources to help you get the most out of Cremit.

• Easy Ticketing: For support requests, submit a ticket, and our team will keep you updated on your request status.

December 17, 2023

Cremit Changelog | December 2023

Hello, this is Ben from Cremit!

We’re excited to share our first update for December 23. Cremit is currently available as a Private Beta; if you’d like to join, please reach out to us at hi@cremit.io.

Updated Brand Color Scheme

Cremit login page with a dark-themed user interface, featuring email and password input fields for secure authentication. The page includes a ‘Continue with Email’ button and a ‘Forgot Password?’ link for account recovery. Enhance security with Cremit’s access control system.

We’ve refreshed the Cremit color scheme to provide a more comfortable and visually accessible experience. The dashboard now features high-visibility colors for elements like statistical charts, table data, and highlights, making it easier to navigate and interpret data.

Enhanced Dashboard with Additional Statistical Data

Cremit security dashboard displaying an overview of detected secrets and sensitive data. Includes key metrics such as active and detected secrets, found sensitive data, and visual charts showing secret trends, top secret types, reasons for sensitive data exposure, and source types from GitHub, Confluence, and Jira. Optimize security monitoring with real-time insights and analytics.

The dashboard has been updated to include more comprehensive statistics. Now, you can view at a glance:

• The number of non-human identities (API Key) leaks

• The number of sensitive information leaks

• Statistics on types of leaked data and leakage points

This addition makes it easier to monitor and assess data security trends across your organization.

New Leaker Information for Non-Human Identities  and Sensitive Data

Cremit security dashboard displaying detected secrets from Confluence, highlighting active and inactive credentials. The interface includes secret labels, source documents in Korean, author details, and detection timestamps. Secure your collaboration tools by identifying and managing exposed secrets efficiently.

Previously, the Secret Table only displayed data such as activation status, leakage date, and data type. Now, you can also see which user was responsible for each leak, providing greater transparency and accountability.

Expanded User Permissions: Administrator, Writer, and Reader

Cremit team settings dashboard displaying user management options, including email addresses, roles (Administrator, Writer, Reader), and join dates. The interface allows admins to modify user roles, manage team members, and control access levels for secure collaboration.

We’ve introduced role-based permissions to provide more control over user access:

• Administrator: Full access to all functionality

• Writer: Can modify settings and create data

• Reader: Limited to view-only access

This change enhances security by assigning appropriate access levels based on user roles.

Join our newsletter!
We’ll keep it useful and spam-free.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Company logo

Build Safer, With Trust.

Beyond cybersecurity credential models and non-human identities leak detection.

Find Us Online

LinkedIn logoYouTube logoFacebook logo
Product
Secret Detection
Pricing
Secret Detection
Company
About us
Blog
Vigilant Ally
Contact Us
Resources
Status
Trust Center
Documents
Change Log
Talk to Sales
Terms of ServicePrivacy NoticeSub-ProcessorsCookie Policy