Listing Thumbnail

    GitGuardian Platform

     Info
    Sold by: GitGuardian 
    Deployed on AWS
    Vendor Insights
    The end-to-end secrets security platform for enterprises. Scan and fix hardcoded secrets in source code, CI/CD pipelines, and productivity tools with GitGuardian code security platform.
    4.8

    Overview

    Play video

    GitGuardian is an end-to-end secrets security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards.

    With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and Secrets Observability. This dual approach enables the detection of compromised secrets across your dev environments while also managing legitimate secrets and their lifecycle.

    The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense

    Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF, and Bouygues Telecom for robust secrets protection.

    Highlights

    • With Secrets Security, GitGuardian aims to eliminate leaks and sprawl, detecting compromised or misused secrets across both public and internal environments. This foundation of NHI security is strengthened by monitoring for incidents, policy violations, and illegitimate use of secrets.
    • GitGuardian's Secrets Detection tackles internal secrets sprawl by identifying sensitive data in source code and productivity tools. The platform supports over 450 types of secrets, including API keys, private keys, and database credentials. With a robust policy engine, security teams can enforce rules across major Version Control Systems ( like GitHub, GitLab, BitBucket, and Azure DevOps, CI/CD tools such as Jenkins, Travis CI as well as tools like Slack, Jira, container registries, and more.
    • To expand visibility beyond internal systems, GitGuardian Public Monitoring scans public GitHub repositories, detecting sensitive information in both organizational and developers' personal repos. This is crucial, as 80% of corporate secrets leaked on public GitHub stem from personal accounts.

    Details

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Trust Center

    Trust Center
    Access real-time vendor security and compliance information through their Trust Center powered by Drata or Vanta. Review certifications and security standards before purchase.

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Vendor Insights

     Info
    Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
    Security credentials achieved
    (2)

    Pricing

    GitGuardian Platform

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (1)

     Info
    Dimension
    Description
    Cost/12 months
    25 developers
    Business Plan, per 25 contributing developers (annual contract)
    $5,500.00

    Vendor refund policy

    Please contact sales@gitguardian.com  to learn more about GitGuardian's refund policy.

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Explore our guides to use the GitGuardian Platform https://docs.gitguardian.com  or submit a support request at

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    100
    In Monitoring
    Top
    100
    In Application Development

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    18 reviews
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Secrets Detection and Classification
    Supports detection of over 450 types of secrets including API keys, private keys, and database credentials across source code and productivity tools
    Multi-Platform Integration
    Integrates with major Version Control Systems (GitHub, GitLab, BitBucket, Azure DevOps), CI/CD tools (Jenkins, Travis CI), and productivity platforms (Slack, Jira, container registries)
    Public Repository Monitoring
    Scans public GitHub repositories to detect sensitive information in both organizational and personal developer accounts
    Policy Engine and Enforcement
    Includes a robust policy engine that enables security teams to enforce rules and manage secrets lifecycle across integrated platforms
    Honeytokens and Incident Detection
    Deploys honeytokens for defense and monitors for incidents, policy violations, and illegitimate use of secrets in both public and internal environments
    Centralized Secrets Management
    Centrally secures, rotates, and manages secrets across multi-cloud and hybrid environments with a unified view across multiple AWS accounts and AWS Secrets Manager instances.
    Multi-Platform Integration
    Offers REST APIs and integrates with a wide range of DevOps tools, container platforms, vulnerability scanners, RPA, and automation tools for credential delivery.
    Secrets Rotation and Lifecycle Management
    Automatically rotates secrets in AWS Secrets Manager and across enterprise environments without requiring changes to developer workflows or applications.
    Audit and Access Control
    Provides centralized control and comprehensive auditing of how applications, DevOps tools, and automation platforms authenticate and access sensitive resources including databases and cloud environments.
    Enterprise-Scale Architecture
    Designed to support massive scalability with data sovereignty requirements for large global enterprises and eliminates vault sprawl across distributed environments.
    Secrets Management and Centralization
    Centralized platform for managing secrets across projects, teams, and environments to eliminate secrets sprawl
    Automated Credential Rotation
    Automatic rotation of credentials without downtime to safeguard against data breaches
    Multi-Environment Integration
    Automatic synchronization and deployment of secrets across environments and infrastructure through expanding suite of integrations
    Access Control and Audit Logging
    Scalable and flexible access controls with detailed activity logs for real-time access management and compliance
    Developer-Centric Tools
    VS Code extension for editing secrets alongside code with bidirectional synchronization and Doppler CLI for consuming secrets as environment variables

    Security credentials

     Info
    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2
    -
    -
    -
    -
    No security profile
    No security profile

    Contract

     Info
    Standard contract
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    4.8
    281 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    90%
    9%
    1%
    0%
    0%
    4 AWS reviews
    |
    277 external reviews
    External reviews are from G2  and PeerSpot .
    Computer Software

    Weekly Repo Insights with Helpful Fix Suggestions

    Reviewed on Jun 26, 2026
    Review provided by G2
    What do you like best about the product?
    This service sends weekly emails about your repos where you’ve configured it. It also includes a probable fix if it finds any kind of malfunction anywhere in the repo.
    What do you dislike about the product?
    Sometimes it catches errors that aren’t really that serious, but it also catches things that I don’t expect or can’t predict. I think that, as a service-based model, it should be more precise when tracking the severity of an error.
    What problems is the product solving and how is that benefiting you?
    It helps me track whether anything wrong has been pushed to my repo while I’m working on my code. When I’m handling a very big repository, it becomes really hard for me to maintain each and every aspect of it. That’s where GitGuardian actually helps me: it lets me see what has been pushed, what I should not push, and if I’ve made a mistake, it can also run a workflow to fix it.
    ashikur j.

    Vulnerability Checks Made Easy with a Simplified UI

    Reviewed on Jun 23, 2026
    Review provided by G2
    What do you like best about the product?
    The vulnerability check and simplified UI to resolve the issues.
    What do you dislike about the product?
    Sometimes the webpage gets a performance issue and lags when I try to resolve an issue.
    What problems is the product solving and how is that benefiting you?
    Major environmental secret keys are being flashed to the public, and give me support to update vulnerable node packages.
    Cristopher B.

    Quick, Helpful Secret Incident Alerts with an Easy-to-Understand UI

    Reviewed on Jun 23, 2026
    Review provided by G2
    What do you like best about the product?
    The Secret internal incidents notification is quick and helpful, and the UI is easy to understand if you have experience with similar tools.
    What do you dislike about the product?
    Honestly, I haven’t had any inconveniences. I use GitGuardian to get quick reports when a secret is public, and for that it’s been incredible.
    What problems is the product solving and how is that benefiting you?
    It helps me check whether any secrets have slipped into the code. It’s especially useful in the early stages of development, because I can focus more on coding instead of constantly double-checking that I didn’t forget to remove a secret. And if something does get leaked, I can easily find it and remove access to that specific secret.
    Viswajith R.

    Flags Unsafe Commits and Prevents Sensitive Data Leaks—Works as Advertised

    Reviewed on Jun 18, 2026
    Review provided by G2
    What do you like best about the product?
    We use it in our organization to flag unsafe commits and to prevent sensitive information from leaking, even when we’re working in private repositories.
    What do you dislike about the product?
    I don't see any downsides. It works as advertised.
    What problems is the product solving and how is that benefiting you?
    We use primarily for blocking commits with sensitive data
    אלי .

    Clear, Descriptive UI That Makes Incident Management Easy

    Reviewed on Jun 09, 2026
    Review provided by G2
    What do you like best about the product?
    I liked most the clear and descriptive UI, where you see the incident type, the full code with the highlighted relevant characters, and a CTA panel that allows you to manage it properly. A great and important work, thank you all, guys!
    What do you dislike about the product?
    I've no comments about the UI, what I think is recommended is to add a smart AI check that will notice if a secret is actually just a placeholder. Most of the incidents I got was this kind of secrets.
    What problems is the product solving and how is that benefiting you?
    In many cases local secrets like env files are getting accidentally pushed to Github, I encountered such cases sometimes, and unless GitGuardian - I think it was still there...
    View all reviews