> ## Documentation Index > Fetch the complete documentation index at: https://docs.coderabbit.ai/llms.txt > Use this file to discover all available pages before exploring further. # Betterleaks > CodeRabbit's guide to Betterleaks, an improved secret scanner based on Gitleaks. [Betterleaks](https://github.com/betterleaks/betterleaks) is a secret scanner built on top of [Gitleaks](https://gitleaks.io/). It offers enhanced secret detection compared to the original Gitleaks tool. ## Files Betterleaks runs on changed files in the pull request, regardless of file type. ## Configuration Betterleaks is configured using the `gitleaks` key in your `.coderabbit.yaml` file. The key name is preserved for backward compatibility, existing configurations continue to work without any changes. ```yaml theme={null} reviews: tools: gitleaks: enabled: true ``` Betterleaks supports the following config files: * `betterleaks.toml` * `gitleaks.toml` (backwards compatibility) ## When we skip Betterleaks CodeRabbit will skip running Betterleaks when: * Gitleaks (or a compatible secret scanner) is already running in GitHub workflows. ## Notes * Betterleaks runs on the changed files in the pull request (not just specific file types). * Betterleaks uses `--no-git` flag, so it scans files directly rather than scanning git history. * The configuration key in `.coderabbit.yaml` remains `gitleaks` for backward compatibility. No changes to your existing configuration are required. ## What's next Scan container images and filesystems for known vulnerabilities, misconfigurations, and exposed secrets. Identify known vulnerabilities in your project's dependencies using Google's OSV.dev database. Explore all 40+ tools CodeRabbit integrates with for code quality and security analysis.