Schütze deinen Code vor offengelegten Geheimnissen und risikoreichen Fehlkonfigurationen in Bezug auf die Sicherheit, mit null Berechtigungen und ohne Datenübertragung.
Nutzerbewertungen filtern (6)
Spectral is a reliable gatekeeper for our secrets
Spectral is easy to set up and use, and it provides valuable insights into sensitive issues.
The reports can be better, with more options to slice & dice the issues.
Great for code secutity
Kommentare: It helps us with fixing open code and key security issues in public and private repos
I like the daily scan of all our repositories, it helps us to fix importent security issues in the code. Also the support team is very good .
The UI was slowly in performance. Also some settings issues (but this was resolved by support)
Solved our headache with Azure DevOps
Kommentare: We've solved the issue of having zero visibility into our ADO environment with SpectralOps.
Integrates easily into ADO, allowing us to track down exposures which we previously had no knowledge about.
Would be good to see a snippet of the offending code inside the portal without needing to navigate to the source. No ability to customise the 'Code' tab, would be handy to adjust the order in which we're seeing issues. I.e: Date / Secret / Info / Severity / Status. The term 'Error' for exposures can get slightly confusing, would prefer to see the term 'Open Secret' or 'At Risk'. No ability to directly test a code block for secret exposures directly through the portal.
Good notifications and monitoring. Easy integration.
Some detectors are too aggressive Customisation.
Very nice yet not fully polished.
Scanning speed, support and speed of development
Missing UI features Many false alerts, for example the Github action workflow file is failing on itself because it contains curl to a script with a pipe to sh ("curl spectral.io/script.sh | sh")
It's like a guard that watching your team from make security mistakes
Needed to contact the company in order to find how to start the trial. Hard to find the link