DevSecOps From Ground
There are lot of tools which can be used in DevSecOps process but it all depend on organization requiremnt and budget organization is allocating.
Step 1: I just tried to implemnt trufflehog in jenkins CI/CD to detect hardcoded credetial. follow the link to implement https://github.com/Ambujkumar1/trufflehog_in_jenkins