Security News > 2022 > December > Nosey Parker: Find sensitive information in textual data and Git history
Praetorian has open-sourced the regular expression-based scanning capabilities of its Nosey Parker secret scanning tool.
Nosey Parker addresses the pervasive problem of secret exposure in source code and configuration files where sensitive information such as passwords, API keys, access tokens, asymmetric private keys, client secrets, and credentials exist.
"Since the release of Nosey Parker, we have continued to find hard coded secrets within client environments that are easily leveraged to access high-value assets," said Anthony Paimany, Technical Director for Praetorian.
"Until now, the remedial advice felt lackluster with procedural and policy-based recommendations. We are excited to offer an open-source version of Nosey Parker that empowers organizations to better secure their assets. We look forward to contributions from the community as they identify interesting and innovative new rules and use cases."
With the RegEx open-source version, application security engineers, cloud security engineers, site reliability engineers, and developers can quickly find the number of security incidents and their location, avoiding what is currently a manual, time-consuming process.
The newly released version can perform scans 100 times faster than any other tool in the market, with the capability to scan 100 gigabytes of Linux Kernel source history on a laptop in five minutes.