Company:
Date Published:
Author: Mackenzie Jackson
Word count: 2585
Language: English
Hacker News points: 1

Summary

Credential theft, particularly through leaked secrets in git repositories, has become a significant concern in software development, as illustrated by high-profile breaches like those at Uber. Automated scanning for secrets is now essential, with tools like GitGuardian, gitleaks, and truffleHog available, though some companies, like SAP, opt for custom solutions. SAP's case study reveals the complexity of implementing an internal secret detection system, which involves challenges such as dealing with vast numbers of repositories, choosing effective scanning methods, and ensuring high accuracy to minimize false positives. SAP's approach included using regex for pattern matching, leveraging Intel hyperscan for performance, and implementing a centralized scanning process utilizing their backup server to avoid overloading their GitHub instance. They also automated the validation and notification processes to ensure efficient remediation of detected leaks, emphasizing the importance of maintaining low false positive rates to keep developer engagement. The case study highlights the need for continuous maintenance and monitoring of such systems and suggests consulting available open-source and commercial tools before committing to an in-house solution.
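The summary above describes the core of SAP's pipeline as regex pattern matching over repository contents with an accuracy step to keep false positives down. The following is an added example, not code from SAP, GitGuardian or the article: a small Python scanner that runs a few secret-detection rules over constructed sample lines, gates the noisy generic rule on Shannon entropy so placeholders and dictionary words are suppressed, de-duplicates hits by a fingerprint so one leaked secret found in several repositories produces one alert, and redacts the value before it reaches a notification. Python's `re` stands in for Intel hyperscan; the rule names, the entropy threshold of 3.5 bits per character and the sample file paths are this example's own assumptions. The AWS key values are the documented AWS example credentials, not real keys.

```python
import hashlib
import math
import re
from collections import Counter
from dataclasses import dataclass

# Detection rules: (name, regex, capture group holding the secret, minimum entropy).
# Names, patterns and thresholds are assumptions made for this example, not SAP's rules.
RULES = [
    # AWS access key IDs have a fixed prefix and length, so no entropy gate is needed.
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), 0, 0.0),
    # 40-character AWS secret key assigned under an "aws ... secret ..." variable name.
    ("aws-secret-access-key",
     re.compile(r"(?i)aws[_a-z]*secret[_a-z]*\s*[:=]\s*[\"']([A-Za-z0-9/+]{40})[\"']"), 1, 3.5),
    # Generic "password = '...'" style assignment: noisy, so entropy-gated.
    ("generic-credential-assignment",
     re.compile(r"(?i)(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*[\"']([^\"']{6,})[\"']"), 2, 3.5),
]

# Constructed sample input: (path, line) pairs as a scanner would see them in a diff.
# The AWS values are the AWS documentation example credentials.
SAMPLE_LINES = [
    ("config/settings.py", 'AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"'),
    ("config/settings.py", 'AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"'),
    ("src/db.py", 'password = "hunter2"'),                      # dictionary-like, low entropy
    ("tests/fixtures.py", 'api_key = "xxxxxxxxxxxxxxxxxxxxxxxx"'),  # placeholder, zero entropy
    ("README.md", "Use your own token here"),                   # no assignment, no match
    ("other-repo/deploy.sh", "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE"),  # same key again
]


@dataclass
class Finding:
    rule: str
    fingerprint: str     # stable hash of the secret, for de-duplication and tracking
    redacted: str        # what a notification may safely show
    entropy: float       # bits per character of the captured value
    locations: list      # every path where this same secret was seen


def shannon_entropy(value: str) -> float:
    """Bits of entropy per character; 0.0 for an empty or single-character-repeat string."""
    if not value:
        return 0.0
    n = len(value)
    return -sum((c / n) * math.log2(c / n) for c in Counter(value).values())


def redact(value: str) -> str:
    """Keep a short prefix so the owner can recognise the key without re-leaking it."""
    return value[:4] + "*" * (len(value) - 4)


def fingerprint(value: str) -> str:
    return hashlib.sha256(value.encode()).hexdigest()[:16]


def scan_lines(lines):
    """Return (findings, suppressed): confirmed hits de-duplicated by fingerprint,
    and low-entropy matches held back so they never reach a developer."""
    by_fingerprint = {}
    suppressed = []
    for path, text in lines:
        for name, pattern, group, min_entropy in RULES:
            for m in pattern.finditer(text):
                value = m.group(group)
                ent = round(shannon_entropy(value), 3)
                fp = fingerprint(value)
                if ent < min_entropy:
                    suppressed.append(Finding(name, fp, redact(value), ent, [path]))
                    continue
                if fp in by_fingerprint:
                    by_fingerprint[fp].locations.append(path)
                else:
                    by_fingerprint[fp] = Finding(name, fp, redact(value), ent, [path])
    return list(by_fingerprint.values()), suppressed


def format_alert(finding: Finding) -> str:
    """Text for a notification: rule, redacted value and every affected location."""
    where = ", ".join(finding.locations)
    return f"[{finding.rule}] {finding.redacted} (fingerprint {finding.fingerprint}) in {where}"


if __name__ == "__main__":
    hits, held = scan_lines(SAMPLE_LINES)
    for h in hits:
        print(format_alert(h))
    print(f"{len(held)} low-entropy match(es) suppressed")
```

Running it reports the two AWS credentials (the access key ID once, with both paths listed) and suppresses the `hunter2` and `xxxx...` matches, which is the behaviour the summary credits with keeping developers engaged: the alert volume stays small and each alert is actionable.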