Radar scans your codebase on every commit. When a secret is found, it will leave a comment and block the pull request.
Setting up Radar is lighting fast! Connect Radar to your GitHub account and we will handle the rest.
After setup Radar will do a full scan of all your repositories on the master branch. From then on your code will be scanned when a commit is pushed to GitHub.
As codebases evolve there are often legacy code blocks and patterns left laying around. Some of those patterns may lead to security risks like leaving secrets in your codebase.
Radar is your insurance policy for Enclave. If you have unexpected secrets laying around in your codebase, Radar will find them for you.
Radar connects directly with Github so your engineers never have to leave their favorite tool.
On each commit, Radar will leave a comment when a secret is found.
On creation of a pull request, Radar will be added as a status check. If secrets are found, Radar will block the pull request from merging.
Just about everything in Radar can be configured through adding a radar.yaml file to your root directory.
From excluding folders, file patterns, and extensions to setting which types of secrets (API key, database urls, certs) should be looked for.