What are Leaks

Like losing the keys to your car or house, but possibly with worse outcomes, losing API or private keys can have a huge negative impact on your organization. What if the wrong people have access to your keys? They can delete your Cloud resources, including back-ups, in seconds. Or worse – they can use your resources for the wrong purpose, like mining cryptocurrency. A small mistake can now have huge consequences for your business. With Leak Finder from Agile Analytics, you can scan your Git repositories on ‘lost’ keys. If you find one, you can easily figure out what happened, block the lost key and solve the incident.

Setting up Leaks

Step 1. Adding Git provider

Connect GitHub: https://zensoftwarenl.atlassian.net/wiki/spaces/AGILEX/pages/2295496736
Connect GitLab: https://zensoftwarenl.atlassian.net/wiki/spaces/AGILEX/pages/2295300109
Connect Bitbucket: https://zensoftwarenl.atlassian.net/wiki/spaces/AGILEX/pages/2295300124

Step 3. Selecting repositories you’d like to track

Add repositories to Agile Analytics:

Step 2. Setting up Jobs Schedule

You can select how often jobs for detecting Leaks will be run.
By default, it runs every 12 hours.
If you want to change the schedule, go to Settings → Jobs Schedule tab and set the preferred value.

All set!

Reporting on found Leaks

After the first job will run you will have an opportunity to see all your leaks and mark them as “solved” if you did fix them. The chart shows you the number of leaks for a selected time period.

In the tables below the chart, you can find actual leaks: what repository they are in, what the date of commit, commit hash etc. are, and mark them to have clean analytics.