About

This video is still being processed. Please check back later and refresh the page.

Uh oh! Something went wrong, please try again.

Secrets Detection

Catch tokens, codes, credentials, or API keys at every step of your application development with JFrog's Secrets Detection.

Cancel Apply

rate limit

Code not recognized.

About this course

Course Level: Intermediate
Requirements: A basic understanding of source code repositories and CI/CD workflows.
Prerequisites: None. Familiarity with security scanning concepts is helpful but not required.
Course Description: Hardcoded credentials, accidentally committed tokens, and secrets embedded in build artifacts are among the most exploitable exposures in modern software — and one of the easiest to miss. This course covers how JFrog Secret Detection identifies exposed secrets across both source code and binaries, so teams can remediate before accidental leakage becomes an incident.
Topics Covered:
  • The Secret Exposure Problem: How credentials end up in codebases and artifacts, and why conventional code review consistently fails to catch them.
  • Detection Across Source and Binaries: Scanning repositories and build artifacts to surface leaked tokens, API keys, and internal credentials wherever they hide.
  • Minimising False Positives: How JFrog Secret Detection distinguishes real secrets from test data and known patterns to reduce alert fatigue.
  • Triage and Prioritisation: Assessing finding severity and determining which exposures require immediate action.
  • Fast Remediation: Steps to revoke, rotate, and remediate secrets quickly to contain risk before it spreads.

Curriculum0 hr 17 min

  • Secrets Detection
  • Introduction to Secrets Detection 0 hr 2 min
  • Secrets Detection 0 hr 10 min
  • Beat the hacker! 0 hr 5 min
  • Share Your Feedback
  • Installation & Configuration
  • Installing JFrog Advanced Security on a self-hosted environment
  • Configuring your repositories for advanced scanning

About this course

Course Level: Intermediate
Requirements: A basic understanding of source code repositories and CI/CD workflows.
Prerequisites: None. Familiarity with security scanning concepts is helpful but not required.
Course Description: Hardcoded credentials, accidentally committed tokens, and secrets embedded in build artifacts are among the most exploitable exposures in modern software — and one of the easiest to miss. This course covers how JFrog Secret Detection identifies exposed secrets across both source code and binaries, so teams can remediate before accidental leakage becomes an incident.
Topics Covered:
  • The Secret Exposure Problem: How credentials end up in codebases and artifacts, and why conventional code review consistently fails to catch them.
  • Detection Across Source and Binaries: Scanning repositories and build artifacts to surface leaked tokens, API keys, and internal credentials wherever they hide.
  • Minimising False Positives: How JFrog Secret Detection distinguishes real secrets from test data and known patterns to reduce alert fatigue.
  • Triage and Prioritisation: Assessing finding severity and determining which exposures require immediate action.
  • Fast Remediation: Steps to revoke, rotate, and remediate secrets quickly to contain risk before it spreads.

Curriculum0 hr 17 min

  • Secrets Detection
  • Introduction to Secrets Detection 0 hr 2 min
  • Secrets Detection 0 hr 10 min
  • Beat the hacker! 0 hr 5 min
  • Share Your Feedback
  • Installation & Configuration
  • Installing JFrog Advanced Security on a self-hosted environment
  • Configuring your repositories for advanced scanning
Click here to read the terms of service | Featured | JFrog.com | Cookies Settings