Aikido Secrets Detection is a secrets scanning tool that identifies exposed API keys, credentials, tokens, passwords, encryption keys, and private keys in source code repositories. The tool integrates into CI/CD pipelines to detect leaked secrets before code is merged or deployed to production. The scanner automatically triages findings by recognizing secrets that are known to be safe, such as Stripe publishable keys and Google Maps API keys used in front-end code. It filters out irrelevant secrets by ignoring those verified as expired, revoked, or appearing to be variables rather than actual credentials. The Live Secret Detection feature verifies whether exposed secrets are still active by sending requests to API endpoints that require authorization but do not produce sensitive data. Based on this verification, the tool adjusts the severity rating of detected issues. Aikido Secrets Detection provides IDE integrations that warn developers about secrets before they commit code. The tool is part of a broader application security platform that includes dependency scanning, SAST, cloud security posture management, and other security capabilities. The scanner supports multiple deployment models including cloud-based scanning and on-premises deployment options. It provides centralized visibility across code repositories and integrates with existing development workflows.