Devcore downloads and inspects vasts amount of data associated with your public code and the code associated with your developers so no stone is left unturned. A powerful comparison engine can detect the change-over-time and advise when new vulnerabilities are encountered.
The powerful analytics engine behind Devcore provides answers to complex questions which require access to expensive data analysis backed by super-large data pipelines.
Devcore is state of the art developer monitoring and leak discovery tool which helps organisations identify software security problems across the entire developer estate - from GitHub repositories owned by individual-contributors to organisation accounts to language-specific software packages and more. Devcore performs a deep scrub of many types of sensitive information leaks such as AWS access keys, GCloud tokens, Azure keys, passwords for databases, sensitive URLs and much more.
Getting to know your developers is fundamental to ensure consistent defence from supplier chain attacks. Devcore automatically finds all developers associated with your public organisation profile and scans for additional developer resources such as docker images, software packages published in NPM, Ruby Gems and more . Devcore is an essential part of any tech-heavy organisation.
With Devcore you can explore all identified leaks directly in the source code where they were first identified. Additional auxiliary tools are also available to help you record the leak and track it over time. Devcore comes with builtin documentation to validate the secrets leak as well to be 100% sure there is no security exposure.
All artifacts and data points identified during the scanning process are directly available for further exploration and programmatic consumption. This way you can be sure that nothing is missed - everything is accounted for.
Features
- The most throughout leak detection tool that goes beyond standard git repositories
- Cost-effective solution that scales to hundreds of terabytes of source data
- Identify developers associated with your organisation
- Prevent 2nd-degree secrets leaks that could lead to developer compromise
- Automatically scrub passwords from known leaked password databases
- Provides advanced filter and code-analysis features
- Scheduling capabilities
Ultimate
- Specifically designed for medium and large Enterprises
- All Tools, Services, and Plans
- Single Sign-On Integration, Single Tenant
- Dedicated Support, Custom Integrations
- Annual or Monthly, Fixed-cost Billing