LogoLogo
  • Welcome
  • Getting Started
    • Getting Started with a Free Codefortify Account
    • Setting Up Gitleaks for Secret Detection
    • Setting Up a Project
    • Configuring Custom Severity Scores in Codefortify
    • Enable the GitHub Dependency Graph for SBOM Insights
    • Generating an SBOM
    • Reviewing and Resolving a Vulnerability
    • Activating a New Scanner
    • Setting Up Two Factor Authentication
    • Adding a New User to Your Team
    • Authenticate to Your GitHub Account
    • Upgrading Your Plan
Powered by GitBook
On this page
  • Using the Gitleaks scanner with Codefortify
  • Using Secrets in GitHub Actions
Edit on GitHub
  1. Getting Started

Setting Up Gitleaks for Secret Detection

PreviousGetting Started with a Free Codefortify AccountNextSetting Up a Project

Last updated 5 months ago

Using the Gitleaks scanner with Codefortify

License Key for Organization Repositories

Gitleaks scanning requires an additional step if you're scanning repositories belonging to an organization account. You'll need a free Gitleaks license key.

For personal account repositories, no license key is required.

How to Get a Free Gitleaks License Key

  1. Visit.

  2. Click Sign Up to complete a Google form with your name, email, and company details.

  3. After submitting the form, you will receive an email with your free license key.

Adding Your License Key

Once you have your Gitleaks license key, it must be added as an encrypted secret in one of the following locations:

  • The repository

  • The organization

Using Secrets in GitHub Actions

Secrets in GitHub Actions allow you to store sensitive information in your repository, organization, or specific repository environments. Ensure you follow best practices when handling and storing sensitive data, such as your Gitleaks license key.

For more information on how to use and configure secrets in GitHub Actions, visit the.

GitHub documentation on secrets
Gitleaks.io