1.0 Introduction
This article provides an overview of the Fortanix Key Insight on-premises source code scanning infrastructure, which is used to scan for cryptographic materials stored within on-premises local repositories.
It also describes:
Source Code scanning architecture
Source Code scanning process
Source Code scanning benefits
2.0 Terminology References
For on-premises connection concepts and supported features, refer to On-premises Connection Concepts.
3.0 Architecture
The following diagram illustrates the on-premises source code scanning infrastructure integrated with Fortanix Key Insight:

Figure 1: Source Code Scanning Architecture
3.1 Components
The architecture consists of two main components:
Repositories (Git, Azure Repos, and so on): A repository (repo) is a storage location for source code and related artifacts, including code files, configuration files, documentation, version history, and branches for development, bug fixes, and releases.
Fortanix On-premises Scanner (fortanix-scanner): Installed once per organization. It connects to supported repositories, retrieves metadata, and forwards the collected information to Fortanix Key Insight.
3.2 Workflow
This section outlines the workflow for scanning source code:
The Fortanix On-premises Scanner connects to your code repository using its URL and credentials. It analyzes the codebase to identify cryptographic artifacts such as keys, certificates, algorithms, and their usage locations within the source code.
The Fortanix On-premises Scanner aggregates the collected metadata and establishes an outbound connection to the Fortanix Key Insight SaaS for analysis, reporting, and visualization.
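The discovery step described above can be pictured with the following added example, which is not Fortanix code and does not reflect how fortanix-scanner is implemented. The detection patterns, the `WEAK` policy set, the record fields, and the sample files are all constructed assumptions; the point is that each record carries location and type metadata only, never the key material itself.

```python
import re
import tempfile
from pathlib import Path

# Constructed rules and policy (assumptions, not the Fortanix rule set).
PEM = re.compile(r"-----(BEGIN|END) ((?:[A-Z]+ )?PRIVATE KEY|CERTIFICATE)-----")
ALGO = re.compile(r"\b(MD5|SHA-?1|SHA-?256|3DES|DES|RC4|AES|RSA|ECDSA)\b", re.I)
WEAK = {"MD5", "SHA1", "DES", "3DES", "RC4"}

def scan_tree(root):
    """Walk a checked-out repository; return metadata records, never file content."""
    root, findings = Path(root), []
    for path in sorted(root.rglob("*")):
        rel = path.relative_to(root)
        if not path.is_file() or ".git" in rel.parts:
            continue
        try:
            lines = path.read_text(encoding="utf-8").splitlines()
        except (UnicodeDecodeError, OSError):
            continue  # binary or unreadable file
        in_pem = False
        for no, line in enumerate(lines, 1):
            pem = PEM.search(line)
            if pem:
                in_pem = pem.group(1) == "BEGIN"
                if in_pem:
                    kind = "certificate" if pem.group(2) == "CERTIFICATE" else "private_key"
                    findings.append({"file": rel.as_posix(), "line": no, "kind": kind,
                                     "detail": "PEM block", "violation": kind == "private_key"})
            if pem or in_pem:
                continue  # no algorithm matching on PEM headers or encoded body
            for m in ALGO.finditer(line):
                name = m.group(1).upper().replace("-", "")
                findings.append({"file": rel.as_posix(), "line": no, "kind": "algorithm",
                                 "detail": name, "violation": name in WEAK})
    return findings

def demo():
    """Scan a constructed two-file sample repository."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "app.py").write_text(
            "digest = hashlib.md5(data).hexdigest()\n"
            "strong = hashlib.sha256(data).hexdigest()\n", encoding="utf-8")
        Path(d, "deploy.pem").write_text(
            "-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED-PLACEHOLDER\n"
            "-----END RSA PRIVATE KEY-----\n", encoding="utf-8")
        return scan_tree(d)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```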
4.0 Scan Source Code Using Fortanix On-premises Scanner
The Fortanix On-premises Scanner is the primary component responsible for discovering and extracting encryption metadata from on-premises repositories.
It is available for the following platforms:
Linux: Provided as .deb and .rpm packages.
Windows: Provided as an .exe executable.
For detailed information on source code scanning using the Fortanix On-premises Scanner, refer to the following:
5.0 Source Code Scanning Benefits
The source code scanning process helps to:
Highlight cryptographic implementations that deviate from enterprise security policies.
Identify the cryptographic assets used within the source code.
Detect hardcoded or exposed keys and secrets early in the development lifecycle.
Strengthen DevSecOps practices by integrating key scanning into CI/CD pipelines.
Enable a unified inventory view to support post-quantum cryptography (PQC) readiness and key lifecycle management.