Skip to content

GitHub App

PanSift

GitHub App

PanSift

Deterministic Continuous Security for PRIVATE REPOSITORIES!

Sign-in to Github to install. PanSift auto-inserts unique honeytokens (lures) on your nominated target branch per Pull Request. Tokens can be credentials, hostnames, or other attacker lures from Thinkst (with PanSift and Auth0 tokens coming soon!).

PanSift does not need nor request access to your code. PanSift tokens a single file by inserting valid zero privilege credentials or other tokens to tripwire your build. You can leave the tokens there or move them to other parts of your build during your deploy process. Dress them up as you see fit.

Deploy PanSift to private repositories that exist anywhere at risk of exploit, attack, or compromise. Only staff or trusted agents should have access (if at all) so once tripped, you have high fidelity and high cardinality signal of a breach by attackers. Even if a trusted insider was to trip a token, then it's an opportunity for targeted security training or increased learning.

Note: The below keys are partially obfuscated but the actual inserted tokens are 100% valid and alert you or your team within minutes when someone attempts to use them. You can even try test installs on your own personal private repositories to experiment.

[Default] 
aws_access_key_id = AKIA35OHX2<XXXXXXXXX>
aws_secret_access_key = RTuejOn9XYcU/xxY2Bx8<XXXXXXXXXXXXXXXXXXX>
region = us-east-2
output = json
Developer

PanSift is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.

Report abuse
You can’t perform that action at this time.