42
Customers have installed this app in at least 42 active instances.
42
Customers have installed this app in at least 42 active instances.
    by MohamiTop Vendor
    Mohami is a Top Vendor.  Top Vendors have high standards for app quality, reliability, and support.

    Learn more

    for Bitbucket Server 5.2.0 - 6.10.0 and Bitbucket Data Center 5.2.0 - 6.10.0
    Supported
    Mohami supports this app.

    Get support

    Supported
    Mohami supports this app.

    Get support

    Get it nowFree app

    Reject commits that contain passwords, private keys, cloud credentials, etc

    Reject commits that contain passwords, private keys, cloud credentials, etc

    Reject commits that contain passwords, private keys, cloud credentials, etc

    Detect and Block Sensitive Commits from Check-in

    Easy to Use

    Over 30 Different Key Patterns Detected

    Keep your secrets safe by blocking sensitive information such as passwords, public keys, access keys, etc. from being checked into your git repositories

    Secure your repository or project today by enabling our repository or project hook.

    Security for Bitbucket Server detects over 30 specific credential and key patterns, like public keys, private keys, passwords, AWS keys, SSH keys and more, with new patterns being added every day.

    Detect and Block Sensitive Commits from Check-in

    Easy to Use

    Over 30 Different Key Patterns Detected

    Keep your secrets safe by blocking sensitive information such as passwords, public keys, access keys, etc. from being checked into your git repositories

    Secure your repository or project today by enabling our repository or project hook.

    Security for Bitbucket Server detects over 30 specific credential and key patterns, like public keys, private keys, passwords, AWS keys, SSH keys and more, with new patterns being added every day.

    More details

    Any user can check in sensitive information such as passwords, public keys, access keys, etc. into a git repository. Bitbucket does not have a way to eliminate or detect and block users who exhibit this behavior; the typical developer workflows make this an easy omission even by well-intentioned users. This poses a very large security risk as this information could be passwords for network devices, private keys, or even personal credentials for highly sensitive systems. This can lead to privilege escalation, either by malicious users who have network access to the Bitbucket server, or by an external attacker who has bridged perimeter security.

    Our application integrates into Bitbucket and detects and blocks sensitive information from being checked in.

    More details

    Any user can check in sensitive information such as passwords, public keys, access keys, etc. into a git repository. Bitbucket does not have a way to eliminate or detect and block users who exhibit this behavior; the typical developer workflows make this an easy omission even by well-intentioned users. This poses a very large security risk as this information could be passwords for network devices, private keys, or even personal credentials for highly sensitive systems. This can lead to privilege escalation, either by malicious users who have network access to the Bitbucket server, or by an external attacker who has bridged perimeter security.

    Our application integrates into Bitbucket and detects and blocks sensitive information from being checked in.

    Reviews for cloud

    (1)Sign in to write a review

    There are no reviews yet. Be the first to review this app.

    Reviews for server

    (1)
    Sign in to write a review
    by Mike P on 2019-12-07
    Plugin is doing exactly what we need. Easy to install and use. So far no issues. Great plugin and especially since it is free!
    Was this review helpful?YesNo

    Reviews for Data Center

    (1)Sign in to write a review

    There are no reviews yet. Be the first to review this app.

    Cloud Pricing

    Server Pricing

    Data Center Pricing

    Mohami provides support for this app.

    Mohami provides support for this app.

    Vendor support resources

    Documentation

    Find out how this app works.

    Vendor support resources

    Documentation

    Find out how this app works.

    Versions

    Version 1.2.0 Bitbucket Server 5.2.0 - 6.10.0 Released 2020-01-03

    Summary

    Added support for Whitelisting

    Details

    • SOTERIA-12 You can now whitelist secrets by adding an inline comment on the secret. Read more about that here.
    • SOTERIA-14 Improved secret detections for Heroku, Stripe and Slack.

    Versions

    Version 1.3.0 Bitbucket Data Center 5.2.0 - 6.10.0 Released 2020-01-21

    Summary

    Now Data Center Compatible

    Installation

    1. Log into your Bitbucket instance as an admin.
    2. Click the admin dropdown and choose Add-ons. The Manage add-ons screen loads.
    3. Click Find new apps or Find new add-ons from the left-hand side of the page.
    4. Locate Security for Bitbucket via search. Results include app versions compatible with your Bitbucket instance.
    5. Click Install to download and install your app.
    6. You're all set! Click Close in the Installed and ready to go dialog.

    To find older Security for Bitbucket versions compatible with your instance, you can look through our version history page.

    1. Log into your Bitbucket instance as an admin.
    2. Click the admin dropdown and choose Add-ons. The Manage add-ons screen loads.
    3. Click Find new apps or Find new add-ons from the left-hand side of the page.
    4. Locate Security for Bitbucket via search. Results include app versions compatible with your Bitbucket instance.
    5. Click Install to download and install your app.
    6. You're all set! Click Close in the Installed and ready to go dialog.

    To find older Security for Bitbucket versions compatible with your instance, you can look through our version history page.

    Similar apps