bearer.com updates

Risk Detection

 

New

  

Bearer now detects security risks that cause data breaches by scanning your code repositories.

Customer benefits are:

  1. Detect and mitigate security risks before they reach your production environment.
  2. Assess risks faster and more accurately with actionable context.
  3. Stop slowing down development by automating security checks.

Risk events are listed on the Home page in an inbox format.


A risk event is triggered when:

  1. a repository processes new sensitive data.
  2. a repository processes sensitive data and integrates with a new third party.
  3. sensitive data is not encrypted.

Bearer provides you with contextual information so you can investigate and assess risks efficiently. Once a risk has been detected, you can ignore it, assign it to a teammate or close it once it has been mitigated.

Risk events can be customized in the Settings to fit your own processes. For each risk event you can set up:

  • the risk level.
  • notifications (emails, Slack).


For more information, please refer to the documentation.

Weekly Report

 

New

  

Every Monday morning, users receive a report by email. This report summarizes the previous week's detections.

Users can proactively investigate new detections to identify and assess associated security risks that may lead to a data breach.


Data discovery has been extended to the entire codebase

 

New

  

The Bearer Broker used to discover and classify data by scanning OpenAPI, SQL, GraphQL, and Protobuf files only.

Data discovery and classification capabilities have been extended to the entire codebase in the following languages:

  • C#
  • Golang
  • Java
  • JavaScript/TypeScript
  • PHP
  • Python
  • Ruby

In general, the scanner looks for objects (e.g., User) and their properties or attributes (e.g., lastname).
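
A simplified illustration of the object-and-property lookup described above, as an added example that is not Bearer's detection engine or code from this page: it parses Python source with the standard ast module and matches normalized attribute names against a small constructed taxonomy. The names TAXONOMY, normalize, class_attributes and scan are hypothetical.

```python
import ast
import re

# Constructed mini-taxonomy (normalized attribute name -> category); illustrative only.
TAXONOMY = {"lastname": "personal", "email": "personal",
            "bloodtype": "health", "iban": "financial"}

def normalize(name):
    """Fold last_name / lastName / LASTNAME to one key: 'lastname'."""
    return re.sub(r"[^a-z0-9]", "", name.lower())

def class_attributes(cls):
    """Yield (attribute, line) for class-level annotated fields and self.<attr> stores."""
    for stmt in cls.body:
        if isinstance(stmt, ast.AnnAssign) and isinstance(stmt.target, ast.Name):
            yield stmt.target.id, stmt.lineno
    for node in ast.walk(cls):
        if (isinstance(node, ast.Attribute) and isinstance(node.ctx, ast.Store)
                and isinstance(node.value, ast.Name) and node.value.id == "self"):
            yield node.attr, node.lineno

def scan(source):
    """Return sorted (class, attribute, category, line) findings for one source file."""
    findings = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.ClassDef):
            for attr, line in class_attributes(node):
                category = TAXONOMY.get(normalize(attr))
                if category:
                    findings.add((node.name, attr, category, line))
    return sorted(findings, key=lambda f: f[3])

# Constructed sample input, not taken from any real repository.
SAMPLE = '''
class User:
    last_name: str
    nickname: str

    def __init__(self, email, theme):
        self.email = email
        self.theme = theme

class Invoice:
    def __init__(self, iban):
        self.IBAN = iban
'''

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Name matching of this kind flags candidates only; fields such as nickname or theme are skipped because they are absent from the taxonomy, not because they were judged safe.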

You just need to update the Broker by running docker pull bearersh/broker:latest

For more information please refer to the documentation.

New Integrations Tab

 

Improvement

  

The Integrations and Interfaces tabs on the Component page have been merged for better readability.

On the page of a Component - let's call it Repository A - you can now see:

  • the Components with which Repository A integrates, meaning the Components that Repository A consumes (for instance a third-party service).
  • the Components that integrate with Repository A, meaning the Components that consume Repository A (for instance internal applications calling the endpoints of Repository A).


UI Upgrade

 

Improvement

  

Months of iteration and dozens of pieces of user feedback led us to improve our user interface.

New inventory layout

  • Components are now displayed as cards for better readability.
  • The component detection date has been added.
  • You can change the status of components directly from the inventory page.


New component page layout

  • Component information has been moved to the left and lightened for better readability.


Additional information about Git Integrations

  • For users relying on the Broker: an event log including Activity date, Version, and Container UUID, has been added.
  • For users relying on the Bearer GitHub Action: an event log has been added.


Automated Data Discovery & Classification

 

New

  

Data discovery and classification are now fully automated.

Bearer’s detection engine supports 120+ data types, including personal, health, and financial data. See the full list of data types here.

You can create your own data categories - which regroup data types - to fit your data taxonomy.

The data types processed can be seen in your inventory and on the page of a component.


GitHub Actions Integration

 

New

  

You can now integrate Bearer directly in your CI/CD pipeline with a GitHub Action (see documentation).

Thus you can use Bearer without creating and managing a Personal Access Token.

Continuous Code Scanning

 

New

  

Bearer now automatically scans your codebase once a week to update your inventory of engineering components.

You can customize the frequency at which Bearer scans your codebase (once a day, once a week, once a month).

Bearer performs diff-aware scans so you can focus on risks in recent code changes.

Broker Update

 

Improvement

  

A new version of the Broker is available with:

  • Better support for detections in markup files (HTML, PHP, ERB, ASPX, Jupyter notebook, etc.).
  • Overall improved domain detection and classification.
  • Detection of data types for OpenAPI, GraphQL, Protobuf and SQL files.
  • Experimental detection of internal API paths.
  • Improved error handling and memory usage.

To update the Broker please run docker pull bearersh/broker:latest

Introducing: Bearer Inventory

 

New

  

Scan your codebase

Bearer integrates with GitHub and GitLab and scans your code repositories to discover connected engineering components including databases, internal & external APIs, and message buses.

We support the following languages: Ruby, JavaScript, Python, PHP, Go, Java and C#.


Build your inventory

Enrich your inventory with sensitive data flows and security controls.

If needed you can collect such information from your engineering team via light-touch questionnaires embedded in GitHub / GitLab.
