MongoDB Launches Kingfisher, Open-Source Tool for Real-Time Secret Detection

Unlike traditional scanners, Kingfisher performs active validation, checking if detected secrets are still functional.


MongoDB has released Kingfisher, a high-performance, open-source tool that detects and validates active secrets—such as API keys and credentials—in real time across codebases.

Built in Rust and using Intel’s Hyperscan for fast regex matching, Kingfisher is designed to reduce false positives by actively verifying secrets against cloud services like AWS, Azure, GCP, and Stripe.

Originally developed in July 2024 by MongoDB security engineer Mick Grove, Kingfisher has become central to MongoDB’s internal security checks, scanning pre-commit code, CI/CD pipelines, and Git histories. The tool is now publicly available under the Apache 2.0 license.

"Kingfisher is a high-performance, open-source secret scanning tool that combs through code repositories, Git commit histories, and file systems. Kingfisher performs this to rapidly uncover hard-coded credentials, API keys, and other sensitive data," Grove wrote in a blog post.

Unlike traditional scanners, Kingfisher performs active validation, checking if detected secrets are still functional. In internal tests, it successfully flagged an active AWS key while filtering out inactive Slack tokens.
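
The detect-then-validate flow described above, sketched as an added example (not Kingfisher's code or rule set): the two regexes are simplified assumptions, and the validators are offline stubs standing in for a provider API call. A candidate whose check is missing or fails to complete is kept as "unverified" rather than dropped.

```python
import re
from dataclasses import dataclass
from typing import Callable, Dict, List

# Simplified candidate patterns: assumptions for this example, not Kingfisher's rules.
RULES = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
    "slack_token": re.compile(r"\bxox[abprs]-[A-Za-z0-9-]{10,}\b"),
}

@dataclass(frozen=True)
class Finding:
    rule: str
    secret: str
    line: int
    status: str  # "active", "inactive" or "unverified"

def check(secret: str, validator) -> str:
    """Classify one candidate; a missing or failing validator never hides a finding."""
    if validator is None:
        return "unverified"
    try:
        return "active" if validator(secret) else "inactive"
    except Exception:  # e.g. timeout or provider outage
        return "unverified"

def scan(text: str, validators: Dict[str, Callable[[str], bool]]) -> List[Finding]:
    """Stage 1 finds regex candidates; stage 2 validates each distinct secret once."""
    cache: Dict[tuple, str] = {}
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES.items():
            for match in pattern.finditer(line):
                key = (rule, match.group(0))
                if key not in cache:
                    cache[key] = check(key[1], validators.get(rule))
                findings.append(Finding(rule, key[1], lineno, cache[key]))
    return findings

# Constructed sample input; none of these values are real credentials.
SAMPLE = """aws_access_key_id = AKIAIOSFODNN7EXAMPLE
SLACK_BOT_TOKEN=xoxb-0000000000-constructedREVOKED
retry_key = AKIAIOSFODNN7EXAMPLE
"""
# Stub validators: a real one would make a provider API call with the credential.
STILL_LIVE = {"AKIAIOSFODNN7EXAMPLE"}
STUBS = {rule: (lambda s: s in STILL_LIVE) for rule in RULES}

if __name__ == "__main__":
    for f in scan(SAMPLE, STUBS):
        print(f.line, f.rule, f.status)
```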

With over 700 built-in detection rules and YAML-based customization, it’s highly extensible.

The tool supports Linux, macOS, and Windows, and integrates with GitHub, GitLab, and CI/CD workflows.

Running entirely on-premise, it ensures data sovereignty and privacy—ideal for organisations focused on compliance and software supply chain security.

Kingfisher outperforms tools like TruffleHog and Gitleaks in speed and accuracy, offering developers a powerful, privacy-first solution to tackle credential leaks head-on.

Last month, shares of MongoDB fell 1.5% to $186.09 after Loop Capital downgraded the stock from "buy" to "hold" and slashed its price target from $350 to $190.

Loop Capital expects Atlas’ growth to keep slowing until MongoDB shows real progress in hitting its market goals—especially in expanding among large enterprise clients.

The firm also points out that the cloud database market remains highly fragmented, with no clear leaders yet emerging.