BluBracket

BluBracket automates the detection, identification and removal of secrets in code.
BluBracket identifies all categories that make up secrets in code, ranks them by risk and provides a means to remediate. BluBracket checks for secrets in code across all variations of git and even non-git repositories. The solution automates deep scanning of full commit history on every repo to accurately identify the most sensitive types of secrets and identifies the risks to the organization.

BluBracket scans all changes upon creation of pull requests to eliminate inclusion of secrets into a remote feature branch. Detecting and remediating potential vulnerabilities directly within the development workflow enables developers to shift left and avoid having to handle security incidents post-deployment.

Leveraging the BluBracket CLI, developers can prevent coding mistakes before they are committed to their local history on their workstation/device. Developers can take action by using environment variables or or introducing an external tool for secrets management. Integration with Slack, PagerDuty, ServiceNow and many other tools allow teams to be immediately notified and remediation actions to be invoked.

BluBracket automates identifying risks in code that may cause an individual’s personal or private information to be exposed.
Commonly used static and dynamic code testing tools are not always effective in detecting these vulnerabilities. Attackers can exploit these vulnerabilities to exfiltrate data and introduce malicious code. With BluBracket, developers can check for PII in their commit history across a whole range of repositories, both internal and external. BluBracket integrates with tools that developers are proficient in, making it easy for them to adopt security best practices to prevent PII from being exposed.

Leveraging the BluBracket CLI, developers can prevent inclusion of PII. The solution identifies and displays alerts for risk in the BluBracket tenant portals, CLI and CICD integrations.

BluBracket scans Git repositories to identify non-inclusive terms and delivers options to remediate them within the development workflow.
This unique capability is in keeping with current times and developers’ desires to meet socially correct norms by removing unacceptable or insensitive racial or gender bias in words and references that are used in code. Use of non-inclusive language in source code is surprisingly common and has been ignored in organizations for far too long. Use of terms such as master-slave for automation processes or black listing to denote disallowed sites or network addresses are no longer deemed acceptable. Talent in professional workplaces have expressed a preference to work for employers who share their values in creating inclusive workplaces.

BluBracket can identify misconfigurations in IaC prior to deployment.
BluBracket creates a layer of security for Terraform, Kubernetes, Cloudformation and other infrastructure formats. BluBracket alerts on anomalies and rule violations during the process of creating configuration code to eliminate risks that can disrupt applications upon deployment. BluBracket scans software components, libraries, and application frameworks for vulnerable misconfigurations. BluBracket identifies IaC policy violations. Results are presented with guidance on where to remediate the vulnerability.

BluBracket Protects Code and IP from Leaking into Public Repositories
BluBracket regularly scans public repositories for code fingerprints that may have leaked into the extended universe. BluBracket employs specially developed behavior analytics to detect anomalous activity and alerts on code leaks in order to take immediate corrective action. BluBracket creates code fingerprints to track critical code and assets internally and externally to ensure vital IP is not exposed publicly. BluBracket can proactively monitor public repositories for vital IP.