Secret Keys in Your Code Are a Severe Danger You Are Probably Unaware Of

We simply eliminate this danger for you. That's all.

Start Free Trial Learn More

First 30 days free. Unlimited usage. No credit card required.

How It Works

Connect Your GitHub

Install our GitHub integration and select organizations and repositories to monitor

Scan Your Repositories

Run full scans to unveil secret keys that are not supposed to be exposed within your code

Receive Alerts

Be always safe. We'll notify you immediately when a secret key is committed to any of your repositories

What Our Users Say about Us

They're our users, hear them out.

Frequently Asked Questions

  • What do I do with exposed keys that GitMonkey finds?

    You revoke them immediately! Generate another key from your API provider and make sure to keep it safe this time.

  • My repositories are private. Why do I need GitMonkey?

    Two reasons: 1. private repositories have the tendency to become public due to account owners efforts to save money on their GitHub expenses. It’s very easy to turn a private reposiory into a public one. The thing is that you never know what’s inside when you do it, so you better keep secrets off private repositories as well. 2. Code in private repositories still have wider inter-org access and exposure than other means of storing keys. Exposed keys can therefore be maliciously used by -- let’s say -- frustrated employees (or ex-employees). You shouldn’t keep the keys exposed in the code.

  • Do you support other git platforms?

    We currently support only GitHub but plan to support Bitbucket and GitLab going forward.

  • How accurate are your scans?

    We match against hundreds of known patterns but at this stage we can’t commit to positively identifying private keys and secrets. When we find a match we mark it for you according to our algorithm severity and the job of validating whether the suspected key is indeed an exposed private key is your responsibility. We may take a leap forward in that direction in the future though.

Pricing

First 30 days free. Unlimited usage. No credit card required.

Developer

$5 per month
  • Monthly Full Scans
    4
  • Monthly Push Scans
    100
$5/month

Startup

$15 per month
  • Monthly Full Scans
    16
  • Monthly Push Scans
    1,000
$15/month

Business

$50 per month
  • Monthly Full Scans
    64
  • Monthly Push Scans
    10,000
$50/month

Ready to Start Feeling Safer

About Your Code?