Good advice on security issues concerning passwords etc.
What do you like best about the product?
Very quick response to issues on GitHub projects.
Detailed explanation of the issue.
What do you dislike about the product?
Sometimes I think GitGuardian is not right.
E.g. some information is stored in .env files, like passwords or SMTP access. This is often not wrong in my mind.
What problems is the product solving and how is that benefiting you?
At the moment, G2 is helping to show potential issues; however, most of the time, I considered that as not a high-risk issue.
Great for Catching Secrets, But Needs a Privacy Option
What do you like best about the product?
GitGuardian does a fantastic job at what it’s meant to do—catching secret leaks in your code. I’ve been really impressed with how well it scans my repos and flags potential security issues. It’s definitely something that gives me peace of mind knowing my code is being looked after.
What do you dislike about the product?
There’s no option to exclude private repos from the scans, which feels a bit overkill for me. My private repos are just for my own projects, not shared with anyone, so I really don’t need them to be scanned.
What problems is the product solving and how is that benefiting you?
GitGuardian is solving the issue of accidentally exposing secrets like API keys and credentials in my code. It’s super helpful because it scans my repos automatically and catches things I might have missed.
For a robust check on preventing data leakage and ensuring secure operations
What do you like best about the product?
Ease of Integration with GitHub.
Ease of Use
What do you dislike about the product?
To address data leakage and ensure secure operations without revealing sensitive information
What problems is the product solving and how is that benefiting you?
Secure code review is a critical aspect of ensuring the robustness and resilience of software applications
Vigilant security bot
What do you like best about the product?
I am thankful for GitGuardian; it automatically detected API keys I had left in my code, which by mistake I committed.
Therefore this is a good tool if we want to make sure nobody accidentally pushes sensitive data.
What do you dislike about the product?
I don't have any dislikes as of now; sometimes it highlights false positives, but that is okay.
What problems is the product solving and how is that benefiting you?
It checks that no one is accidentally pushing sensitive API keys, etc.
Great to think my secrets are safe!
What do you like best about the product?
One of the most practical aspects is that we may sometimes overlook the configuration settings or the values of environment variables, but now, that's no longer a concern. GitGuardian will take care of that. And it's very very easy to integrate and the features it has are well rounded. And the support from the team is also sensibly quick and responsive.
What do you dislike about the product?
There isn't anything specific, but I believe the user interface could be more intuitive.
What problems is the product solving and how is that benefiting you?
Security constraints are often overlooked, but GitGuardian has addressed this issue for us by providing a way to resolve and escalate concerns to senior staff for review.
Very apt
What do you like best about the product?
Its notifications letting me know what issues might arise from my code in relation to security breaches and things of that nature.
What do you dislike about the product?
There is nothing I can say that I dislike about GitGuardian.
What problems is the product solving and how is that benefiting you?
Helping me secure my API KEYS better
GitGuardian for Master's Project
What do you like best about the product?
I have been using GitGuardian for my college project. First and foremost, the UX is really good and intuitive. My project is around security so I am aware of the necessity of that, and GitGuardian is an appropriate alternative to other open source products. I faced a problem initially and I found enough support to help me around.
What do you dislike about the product?
They could work on a more refined payment plan. This will give more flexibility to all categories of developers.
What problems is the product solving and how is that benefiting you?
I have been working on creating a product to provide better enterprise search solutions and this has been helping there.
Helps increase productivity and identify and prioritize security incidents
What is our primary use case?
Our developers use the GitGuardian platform to securely access and manage secrets within their repositories. This allows them to identify and address any potential security risks.
How has it helped my organization?
GitGuardian's detection capabilities are good.
The accuracy of detections and the false positive rate are good.
It has improved the abilities of our developers and security team.
The playbooks help to identify and prioritize security incidents.
GitGuardian helped us increase our secret detection rate.
GitGuardian helped to increase our security team's productivity. It allows us to find the secrets and their repository faster. As the security team is focusing on one app to audit it, we also look at the GitGuardian findings for that app, and that is easier than looking for the secrets manually.
What is most valuable?
The most valuable feature is the general incident reporting system. It provides informative data with good filtering and reporting options.
What needs improvement?
We'd like to request a new GitGuardian feature that automates user onboarding and access control for code repositories. Ideally, when a user contributes to a repository, they would be automatically added to GitGuardian and granted access to view that specific repository. This would eliminate the need for manual user creation and permission assignment within the platform.
For how long have I used the solution?
I have been using the GitGuardian Platform for one and a half years.
What do I think about the stability of the solution?
The GitGuardian Platform is stable.
What do I think about the scalability of the solution?
The GitGuardian Platform can deploy at scale.
What's my experience with pricing, setup cost, and licensing?
The pricing for GitGuardian is fair.
What other advice do I have?
I would rate the GitGuardian Platform eight out of ten.
Getting started with GitGuardian required some preliminary setup on our part. This involved configuring both our on-premise GitHub Enterprise server and the GitGuardian application itself, granting the application access to the enterprise server.
GitGuardian requires around two hours per week of maintenance. We have our scripts that add users to the tool as needed. So we have a script that looks at our GitHub server, talks to that API, and uses the information from that to add users to GitGuardian. And we have to maintain those because sometimes, just like with any code, we have to make sure that process is still working.
GitGuardian's onboarding process and customer success teams were helpful.
I recommend GitGuardian as an easy-to-use tool that tackles a major security risk often overlooked by companies. This platform can significantly improve your software development lifecycle.
While detecting hidden functionality within a security program for application development isn't the highest priority, it does hold some value. If resources allow, it's worth considering incorporating methods to identify such secrets.
Organizations considering the GitGuardian Platform should establish clear action points for employees who will be using the tool. This ensures everyone understands how to leverage GitGuardian effectively within their workflow.
Great Service to know vulnerabilities and accidental secret publishing in git commits
What do you like best about the product?
I almost immediately get an email regarding any public secret pushed or vulnerability in my code pushed to GitHub.
Very easy to understand and useful suggestions.
What do you dislike about the product?
Many times false positive alerts get triggered, like when I added blank PEM files or dummy secrets. It doesn't have AI intelligence to determine false positives.
What problems is the product solving and how is that benefiting you?
It is helping in identifying any accidental secret leak in a git repo and open code vulnerabilities. Using this I can be confident that what is being pushed to GitHub is secure.
Essential Security Safeguard for Code Repositories
What do you like best about the product?
Its ability to detect and alert on sensitive data leaks in real-time is invaluable. The platform's comprehensive coverage and intuitive interface make it easy to stay ahead of potential security breaches.
What do you dislike about the product?
The truth is that for the moment I have used GitGuardian, there is nothing I don't like; I feel all my needs are covered for now.
What problems is the product solving and how is that benefiting you?
- Detecting and preventing sensitive data leaks
- Enhancing security posture of code repositories