How to run Secret Scan

Modified on Fri, 31 May at 9:54 PM


Secret scanning tools comb through codebases, detecting patterns and signatures associated with known secrets, and alerting developers to potential vulnerabilities.  

This guide details how to initiate and complete an SECRET scan on the platform.


  1. You should be signed in with If not, please refer to our guide on creating a account.

  • CloudDefense CLI 

  • Gitleaks


To scan for secrets we need to pass “--no-git” flag from the CLI like,

// Some codecdefense full --api-key=6262fe7f-1434-2711-78fa-268ce4187339 --path=/opt/secretsandstuff --project-name=leaks --no-git

In the above command we pass our api-key, with the project path to scan and –no-git to include secret scans.

Once scans finish we can look the data in UI

And once expanded ,we can see our data

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article