Automated source code integrity monitoring

Exposure of secret information in source code repositories is an increasingly common problem. Accidental or unwitting inclusion of credentials, API keys, private keys and more in source code repositories are regularly the initial attack vector for larger incidents.

Tines allows end-to-end automation of source code integrity monitoring and response.

Receive commit
details from SCM

Use the Tines Webhook agent to receive details of every push to a source code management system such as Github or Bitbucket.

Fetch commit diffs

For each commit in a push, use the HTTP Request Agent to fetch the commit diff from the source code management system.

Examine commits for
sensitive information

Use a combination of Event Transformation Agents to analyse the contents of each commit for sensitive information.

Remediate potential
exposures

In the event of a potential disclosure of sensitive information, Tines can perform an unlimited number of response actions, including: changing visibility of the affected repository, immediate escalation to an engineer, and creation/assignment of key rotation tasks to the committer and/or committer's team.

Discuss automated source code integrity monitoring

Request a free consultation and Tines demo with one of our security automation experts.

Request consultation