Security for Bitbucket Enhanced Secret Scanner by Soteri

This plugin is extremely useful and straight forward. For improvements it would be great to mark a line as reveiwed and have the exclusion applied globally, in addition to applying it to a specific repository. It would, also be useful to have some sort of integration with SIEM for when code pushes are blocked by the plugin. Lastly, I wish there was a dashboard to see all detections(globally) and be able to sort it by number of occurrence. Paired up with a global exclusion capability, this would make dealing with large amounts of false positives very easy and effective. Currently, exporting detections as a CSV file is not a very user-friendly or effective way of viewing such data.

• 

  Soteri

  Hi Nick, thank you for all your suggestions.

  • Security for Bitbucket 4.9.0 includes a way to mark findings as globally reviewed using CSV exports.

  • As of Security for Bitbucket 4.6.0, blocked pushes are recorded in the Bitbucket Audit log, which in turn supports multiple SIEM integrations.

We've been using Security for Bitbucket by Soteri to scan and flag all security violations - to scan secrets across all projects and repositories and email if any violation to respective author. It has fit our requirement well so far. Thank you!

Security for Bitbucket Enhanced Secret Scanner by Soteri is very helpful in detecting sensitive information, such as API keys and passwords, within Bitbucket repositories. It was a savior for my teammates and me, as we relied heavily on this plugin in our WALKME project.

We are using Security for Bitbucket Enhanced Secret Scanner by Soteri to detect sensitive information like API keys and passwords within Bitbucket repositories. With this we have automated the scanning process which is helping our team to identify and remove potential security threats before they can be exploited, thus enhancing overall data protection. Thanks for designing a superb plugin.

We have been using Security for Bitbucket Enhanced Secret Scanner by Soteri for the past three years in our Mercedes-Benz India project as an security best practices. The ability to automatically scan and block secret leaks before they enter our repositories has saved us from potential security risks multiple times. The audit reports and customizable scanning rules made us to stay compliant while adapting to specific project needs. If you're serious about securing your Bitbucket repositories, this tool is a must-have!