Hardcoded passwords
Credentials embedded in scripts, notes, configuration files or handover documents.
Source coverage
Secret scanning for SharePoint
SharePoint is where business documentation, project files and operational knowledge meet. That makes it useful - and risky. Technical teams often paste credentials into deployment notes, troubleshooting documents, runbooks and exported configuration files.
Why it matters
This source can quietly accumulate access risk.
Onyxaris helps security teams scan this environment for exposed secrets and prioritize findings based on context and risk.
Common exposure patterns
- Deployment notes with connection strings
- Project handover documents containing passwords
- Exported configuration files
- Incident response documents with temporary credentials
- Shared folders with broad internal access
- Files synchronized from local environments
Detection examples
What Onyxaris looks for.
API keys and tokens
Access artifacts for SaaS services, internal applications, automation and CI/CD workflows.
Connection strings
Database or service connection strings with usernames, passwords, hosts and environment hints.
Private keys and certificates
SSH keys, TLS keys, key material and certificates stored in files or archives.
Cloud credentials
Cloud provider access keys, service account credentials and infrastructure secrets.
Sensitive config files
.env, .ini, .yaml, .json, .xml and application configuration files.
Outcome
Move from unknown exposure to prioritized cleanup.
Build a risk-based view of where secrets exist, which locations matter, and what teams should fix first.
| Finding | Context that helps | Typical action |
|---|---|---|
| Password in script | Path, owner hints, source and age | Rotate and replace with managed secret |
| API key in document | Document location and sharing state | Revoke, rotate and remove |
| Private key in archive | Nested path and recurrence | Replace keypair and delete copies |
| Connection string | Environment hints and database target | Rotate password and restrict access |
Start focused
Scan this source first.
Start with a focused exposure assessment for one high-risk environment, then expand coverage when the process is proven.