A data leak occurs when an internal source exposes information. Meanwhile, a data breach is caused when an external source breaches the system in a cyberattack. Criminals can use a variety of methods to try and break into a network. In other words, a data leak is usually an accident, while a breach is often intentional and malicious.
Gitleaks Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.
Repo Scraper. Check your projects for possible password (or other sensitive data) leaks.
Whispers. Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and dangerous functions. Whispers can run in the CLI or you can integrate it in your CI/CD pipeline.
Horusec. Horusec is an open source tool that performs a static code analysis to identify security flaws during the development process.
Hawkeye The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines.
Snyk. Snyk scan your projects for security issues, including security vulnerabilities and license issues. The following shows an example of Snyk CLI test command output.
Checkov. Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Helm charts,Kustomize, Dockerfile, Serverless, Bicep or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.