Checkmarx Secrets Detection is a security tool that identifies hardcoded credentials, tokens, keys, and other sensitive information in source code. The product scans for over 170 different types of secrets including passwords, access tokens, encryption keys, API keys, SSH keys, and webhook URLs. The tool performs scanning across multiple environments including Git repositories, containers, and CI/CD pipelines. It can scan both current source code and historical Git commits in server-hosted and local developer repositories. Pre-commit scanning capabilities allow the system to automatically block code commits containing hardcoded secrets before they reach repositories. The product includes live secrets validation functionality that attempts to determine if discovered secrets are still active and potentially exploitable. This helps security teams prioritize remediation efforts based on actual risk. Developers can initiate scans and review results directly within their IDE, or through CLI, API, and the Checkmarx One UI. The tool provides detailed reporting with remediation guidance to address identified risks. Checkmarx Secrets Detection is part of the Checkmarx One platform and integrates into developer workflows to prevent credential exposure throughout the software development lifecycle.