Non-Human Identities such as API keys and passwords are essential for accessing services in modern, cloud-based, and collaborative work environments. Yet, as employees often store these credentials in easily accessible places (like code repositories, messengers, and cloud documents) to work faster, the risk of exposure has grown, leading to high-profile breaches at companies like Okta, Microsoft, Uber, and Cloudflare.
To address this, tools like TruffleHog and GitGuardian have emerged. TruffleHog, an open-source solution, scans source code and collaboration platforms using regex patterns to validate different credential types. However, its reliance on preset patterns limits its ability to detect new credential types or sensitive information beyond its scope, and it only scans one source at a time. GitGuardian, a SaaS-based service, provides real-time alerts and reporting across various cloud products but struggles with scalability and customization—especially when detecting personally identifiable information (PII). These limitations set the stage for a more robust secret detection solution.
A probe is a spacecraft designed to explore space and collect data on planets, moons, and asteroids. Similarly, Probe is our product that explores the cloud to detect exposed credentials. Unlike existing solutions, Probe overcomes key limitations to deliver comprehensive security. Key features include:
Probe’s features help overcome the limitations of traditional credential detection tools, with advanced credential verification, AI-powered sensitive data detection, and multi-source scanning, taking your security to the next level.
Probe also delivers significant performance advantages over other products. Speed is critical for responding quickly to credential exposure threats. Built in Rust, Probe leverages efficient string search algorithms and advanced optimizations to detect credentials swiftly, even in large datasets.
Probe significantly outperformed TruffleHog in scan speed across various environments, including Linux, Chromium, and Spring Boot. On average, Probe was 2x faster when scanning codebases and up to 8.8x faster for large projects like Chromium. This enhanced speed enables faster responses to credential exposures and greatly improves the efficiency of credential detection in large organizations.
Probe is continually evolving to deliver even greater value to our customers. Here’s what’s coming next:
Cremit offers both SaaS and On-Premise (Enterprise) solutions optimized for startups, small businesses, enterprises, and finance sectors. With support for 800+ secret validations, NER-based privacy detection, and integrations for source code, collaboration tools, documents, and repositories, we empower organizations to enhance their security posture.