Detect
Identify likely secrets across supported files, sources and archives.
Use case
Detect exposed certificates and private keys
Private keys and certificates can enable impersonation, decryption or unauthorized access when stored in uncontrolled locations.
Use case
Why this matters.
Exposed credentials are not just sensitive text. They can become access paths into systems, cloud resources, databases and automation workflows.
Common examples
- SSH private keys in home directory backups
- TLS private keys in ZIP packages
- Certificate bundles in project folders
- Key material attached to documentation
Onyxaris approach
Find, enrich and prioritize.
Contextualize
Attach source, path, file type, confidence, environment hints and exposure indicators.
Prioritize
Rank findings by likely impact and remediation urgency.
Remediate
Support rotation, revocation, removal and tracking.
Recommended response
Replace keypairs, revoke affected certificates and remove exposed copies.
Onyxaris helps teams focus on what needs attention first, then document the path from discovery to closure.
| Step | Action |
|---|---|
| 1 | Confirm finding and identify owner |
| 2 | Assess source, exposure and likely impact |
| 3 | Rotate or revoke the credential |
| 4 | Remove exposed copies and duplicates |
| 5 | Document evidence and monitor recurrence |
Start focused
Ready to find where secrets are hiding?
Start with a focused exposure assessment across your highest-risk sources: network shares, repositories, OneDrive or SharePoint.