Security for Bitbucket
Add extra security to your developer workflow. Reject commits that contain passwords, private keys, cloud credentials, etc
Detect and Block Sensitive Commits from Check-in
Keep your secrets safe by blocking sensitive information such as passwords, public keys, access keys, etc. from being checked into your git repositories
Gain insight into the security level of Bitbucket
User our Security Scan Report to see what vulnerabilities exist in each individual Bitbucket Project, repository and branch
Over 30 Different Patterns Detected & Add Your Own
Security for Bitbucket Server detects over 30 specific credential and key patterns, like public keys, private keys, passwords, AWS keys, SSH keys and more. You can also add your own patterns using our custom rules page!
Download now to detect and block users from checking in sensitive information such as passwords, public keys, access keys, etc. Protect your company from this common error that can be exploited by attackers!
✅ Feature highlights:
- Pre-receive hook to reject dangerous pushes
- Repository scanning to analyze previously committed code
- Trigger scans for individual repositories or a whole Bitbucket instance
- Hook can be enabled per repository, per project, or globally
- Built-in rules for many common vulnerabilities, such as ssh keys and API tokens
- Define your own custom scanning rules, globally or on per-repository level
Privacy and security
Trigger scans on bulk from the global dashboard.