Sensitive Data Remediation

Bring peace of mind to your team by ensuring you eliminate any sensitive data from your repositories and prevent commits going forward.


We've seen multiple companies - even technology first companies - make mistakes when it comes to sensitive data and secret leaks into the wild. This engagement will provide audit and cleanup of sensitive information currently in the customer’s Git repositories. Sensitive data can include secrets, passwords, private keys, API tokens, and other sensitive data.

Our team will both produce in-our-lab prototypes as well as hands-on tuning of the secrets detection using your actual git data. Not only will we detect sensitive data, we will provide reports on which keys were potentially compromised.

Going forward, we will work with your team to develop the automation of sensitive data checking for all future code commits. Your team will also receive training and documentation of the sensitive data checking implementation to enable them to keep it up to date for any new threats.

Who is this service for?

Security and audit teams looking to build assurance that developers are not committing sensitive data such as passwords and keys to their git repositories.

What's included?

GitLab offers a variety of training courses depending on your team's needs. In addition, we offer specialized training that can be customized even further.

The general courses we offer include:

  • Audit all current Gitlab repositories for sensitive data.
  • Build report on the location and source of the sensitive data found.
  • Create re-usable GitLab hooks for flagging sensitive data before it can be saved to GitLab.

Interested in GitLab Professional Services? Get in touch.