Integrate Talisman with Vulnetix. Install Talisman as a git pre-commit or pre-push hook to prevent hardcoded secrets, private keys, and sensitive files from entering your repositories.
All languages (filename + content analysis)CLI toolJSON
Install & scan
$ # Install via script (adds to global git hooks directory) bash -c "$(curl --silent https://raw.githubusercontent.com/thoughtworks/talisman/main/install.sh)" # macOS with Homebrew brew install talisman # Install as pre-commit hook in current repo talisman -g pre-commit $ # Scan the full git history of the current repository talisman --scan # Scan with report to specific directory talisman --scan --reportdirectory=/tmp/talisman-reports
Run Talisman in CI
Scan on every push and upload the results to Vulnetix:
- name: Install Talisman
run: |
curl -L https://github.com/thoughtworks/talisman/releases/latest/download/talisman_linux_amd64 -o talisman
chmod +x talisman && sudo mv talisman /usr/local/bin/
- name: Scan repository for secrets
run: talisman --scan --reportdirectory=/tmp/talisman-report
- name: Upload to Vulnetix
run: vulnetix upload --file /tmp/talisman-report/talisman_report.json
Centralise Talisman results in Vulnetix
Upload Talisman JSON output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.