CAP combines static scanning with dynamic tracing to identify hard-coded keys and eliminate false positives.
Yes. CAP detects default passwords and unencrypted private keys on filesystems. Additionally, CAP also evaluates the security of every keystore credential used by the application, giving an estimation for the computational resources that would be required to break into that specific keystore type with that credential leveraging the latest Hashcat benchmarks.
CAP is a complete cryptography management platform. By combining analysis of cryptography throughout your infrastructure it gives you powerful insight into how you use cryptography with multiple business benefits.download