Sold by: GitGuardian
Deployed on AWS
Vendor Insights
The end-to-end secrets security platform for enterprises. Scan and fix hardcoded secrets in source code, CI/CD pipelines, and productivity tools with GitGuardian code security platform.
Overview
GitGuardian is an end-to-end secrets security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards.
With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and Secrets Observability. This dual approach enables the detection of compromised secrets across your dev environments while also managing legitimate secrets and their lifecycle.
The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense
Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF, and Bouygues Telecom for robust secrets protection.
Highlights
- With Secrets Security, GitGuardian aims to eliminate leaks and sprawl, detecting compromised or misused secrets across both public and internal environments. This foundation of NHI security is strengthened by monitoring for incidents, policy violations, and illegitimate use of secrets.
- GitGuardian's Secrets Detection tackles internal secrets sprawl by identifying sensitive data in source code and productivity tools. The platform supports over 450 types of secrets, including API keys, private keys, and database credentials. With a robust policy engine, security teams can enforce rules across major Version Control Systems ( like GitHub, GitLab, BitBucket, and Azure DevOps, CI/CD tools such as Jenkins, Travis CI as well as tools like Slack, Jira, container registries, and more.
- To expand visibility beyond internal systems, GitGuardian Public Monitoring scans public GitHub repositories, detecting sensitive information in both organizational and developers' personal repos. This is crucial, as 80% of corporate secrets leaked on public GitHub stem from personal accounts.
Details
Sold by
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(2)
SOC2
GDPR
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
25 developers | Business Plan, per 25 contributing developers (annual contract) | $5,500.00 |
Vendor refund policy
Please contact sales@gitguardian.com to learn more about GitGuardian's refund policy.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Explore our guides to use the GitGuardian Platform https://docs.gitguardian.com or submit a support request at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By GitGuardian
By CyberArk
By Doppler
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Secrets Detection
Advanced platform capable of identifying over 450 types of sensitive credentials including API keys, private keys, and database credentials
Policy Enforcement
Robust policy engine that enables rule implementation across multiple version control systems, CI/CD tools, and productivity platforms
Public Repository Monitoring
Comprehensive scanning of public GitHub repositories to detect sensitive information leakage from organizational and personal accounts
Non-Human Identity Security
Integrated approach for managing and protecting service accounts, application credentials, and other non-human authentication mechanisms
Incident Detection
Real-time monitoring and identification of compromised, misused, or illegitimate secrets across internal and external environments
Secrets Management
Centralized platform for securely managing and rotating credentials across multi-cloud and hybrid environments
Identity Authentication
Secure authentication mechanism for applications, automation tools, and non-human identities accessing sensitive resources
DevSecOps Integration
REST API-enabled solution with extensive integration capabilities for DevOps tools and container platforms
Access Control
Centralized control and auditing of privileged credentials and secrets usage across databases and cloud environments
Scalability
Enterprise-grade solution designed to support large-scale deployments with data sovereignty and global enterprise requirements
Secret Management
Cloud-hosted platform for centralized secrets management and orchestration
Access Control
Scalable and flexible access controls with detailed activity logs for real-time management
Environment Integration
Automatic secret synchronization across multiple projects, teams, and infrastructure environments
Development Workflow
Native VS Code extension with two-way secret synchronization and CLI support for local development
Credential Security
Automated credential rotation mechanism to prevent potential data breaches and security vulnerabilities
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
No security profile
No security profile
Standard contract
No
No
Customer reviews
5
1 ratings
1 AWS reviews
|
234 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Alex B.
Un excellent outil pour vous soutenir
Reviewed on Jul 17, 2025
Review provided by G2
Qu'aimez-vous le plus à propos de the product?
Solution extrêmement utile à avoir lorsque vous développez vos solutions.
Que n’aimez-vous pas à propos de the product?
L'inconvénient est que vous savez que vous avez fait une erreur dans votre code et votre sécurité.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
Publication involontaire de clés de produit.
reviewer2740785
Supports application security by detecting a wide range of secrets and allows integration into existing vulnerability management processes
Reviewed on Jul 16, 2025
Review provided by PeerSpot
What is our primary use case?
My use case for the GitGuardian Platform is application security for our enterprise repository.
How has it helped my organization?
The solution has improved our organization. We are still in the rollout, but the users who are utilizing it are very happy, especially about the feature that enables pre-commit hooks in Git that will not raise to the remote repository. This is a very good feature that our developers use very heavily.
What is most valuable?
The best features of the GitGuardian Platform are that it finds many different secrets, more than other competitors, and the support from the colleagues is also very good.
The GitGuardian Platform helps in monitoring and protecting our code repositories from leakage. It helps significantly because we connected our vulnerability management process to this, and the colleagues from vulnerability management have much easier work since we have the GitGuardian Platform installation due to the dedicated incidents or issues which are opened automatically.
The alerting capabilities and threat intelligence features of the GitGuardian Platform are managed by another team; we only host the platform.
The audit logs and compliance reports from GitGuardian are very helpful because, in the past, we needed to do it manually by scanning the repos. Now with GitGuardian Platform, we have a really good overview of what is open, what is closed, and how critical the issues are.
What needs improvement?
The areas that have room for improvement involve the missing feature to add custom detectors for the GitGuardian Platform, which would help us check if internal secrets are still valid or not.
I assess the accuracy of the detection from the GitGuardian Platform as very good because we don't have many false positives, which means the quality is very good. The only thing we want to have are some additional detectors which help us to prioritize, especially since enterprise secrets are found, but they cannot verify if they are valid or not.
For how long have I used the solution?
I have been using the GitGuardian Platform for one and a half years.
What do I think about the stability of the solution?
The stability of the GitGuardian Platform is excellent. We don't have any problems with the stability of the system at all.
What do I think about the scalability of the solution?
The scalability of the GitGuardian Platform is excellent.
How are customer service and support?
The technical support from the GitGuardian Platform deserves a rating of nine out of ten.
How would you rate customer service and support?
Positive
What about the implementation team?
The deployment of the GitGuardian Platform is very easy because it's a Helm chart which is very easy to install for us. The deployment took several days.
What's my experience with pricing, setup cost, and licensing?
I have no information about pricing, but since they won the request for quotation, I believe it's a good price.
Which other solutions did I evaluate?
We created a technical evaluation and checked against other providers, though I don't remember the names. The GitGuardian Platform has the best technical capabilities, and our procurement handles the pricing part.
What other advice do I have?
The GitGuardian Platform is used worldwide in our environment.
Currently, we have approximately 1,300 licenses for the GitGuardian Platform, but we will increase to 2,000 next year.
The solution requires maintenance from our side only for user management, which is normal for each application.
I cannot quantify how much time or resources the GitGuardian Platform saves us because this is spread across all teams worldwide.
I would recommend the GitGuardian Platform to other users because the integration with GitHub and Azure DevOps is very easy, and you also have the possibility to use it locally on your IDE . This is a very good solution.
I rate the GitGuardian Platform a nine out of ten because room for improvement is always possible, but it's really good.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Ney Roman
Facilitates efficient secret management and improves development processes
Reviewed on Jun 23, 2025
Review from a verified AWS customer
What is our primary use case?
My use case for the GitGuardian Platform is application security.
What is most valuable?
My impression of the GitGuardian Platform's capability to detect secrets in real time is actually really amazing, because it lets us protect or block the pipelines in which we deploy new applications so we can acknowledge when a secret is hardcoded in a repository, or when we have already hardcoded secrets within templates in our repos.
We adopted it a year ago, and it has been doing great in our teams, especially for developers. The impression so far has been good.
The severity scoring has helped us in incident management because it is doing the correct job. We got many secrets leaked within our platform and it was making the correct warnings regarding that particular secret, as we had a hardcoded Google Cloud API key. It was marked as a critical severity, so we had the chance to correct it, regenerate that secret and work again on not hardcoding secrets within our code.
GitGuardian's public leak detection significantly enhances our organization's data security by continuously monitoring public repositories. It allows us to proactively identify accidental exposures of sensitive credentials or secrets.
What needs improvement?
Regarding the exceptions in GitGuardian Platform, we know that within the platform we have a way to accept a path or a directory from a repository, but it is not that visible at the very beginning. You have to figure out where to search for it, and once you have it, it is really good, but it is not that visible at the beginning. This should be made more exposed.
The documentation could be better because it was not that comprehensively documented. When we started working with GitGuardian Platform, it was difficult to find some specific use cases, and we were not aware of that. It might have improved now, but at that time, it was not something we would recommend.
For how long have I used the solution?
I have been using the GitGuardian Platform for almost a year now.
What was my experience with deployment of the solution?
The deployment of the GitGuardian Platform was easy.
What do I think about the stability of the solution?
From 1 to 10, I rate the stability of the GitGuardian Platform a 10, as there are no downtimes.
What do I think about the scalability of the solution?
I would rate the scalability as a 10, since we did not have any problems.
How are customer service and support?
For technical support, I would give a solid 10. They have someone who speaks Spanish, which made it easier for us.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I am comparing it with Advanced Security from GitHub and Cycode.
How was the initial setup?
Two of us were involved in the deployment process.
It took a week to deploy the GitGuardian Platform, just to standardize the process.
What about the implementation team?
Two of us were involved in the deployment process.
What was our ROI?
Regarding return on investment, we have actually saved time and resources because before having GitGuardian Platform, we had two or three people working in every repository looking for secrets with open-source tools. It took a long time to find secrets or many patterns, and at the time, we had to configure our own patterns to find them. I cannot specify the exact return on investment, but I can surely say that we have saved significant time and resources, particularly in terms of people and automation.
Which other solutions did I evaluate?
I would compare the GitGuardian Platform to other solutions or vendors on the market as being easier to use, but it is not integrated with the CSM that we are using right now. That is the difference. It is easy to use, but it could be easier.
What other advice do I have?
We are customers in our company's relationship with the vendor.
I work primarily with the CLI, focusing on pipelines and automations rather than the platform itself. The platform has remained almost the same within the year that we have been working with it.
We are not utilizing the automated playbooks yet.
I cannot determine if the pricing is cost-effective.
The vendor can contact me if they have any questions or comments about my review.
I have rated the GitGuardian Platform a 10 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
shanebrannick@yahoo.com B.
Git Guardian m'aide à éviter de révéler des données sensibles au public.
Reviewed on Jun 23, 2025
Review provided by G2
Qu'aimez-vous le plus à propos de the product?
J'aime qu'il me donne des avertissements automatiques sur l'exposition de données potentiellement sensibles.
Que n’aimez-vous pas à propos de the product?
Je l'utilise juste pour les avertissements automatiques. Je ne vois pas encore d'inconvénient.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
Cela m'empêche d'exposer des données sensibles. Parfois, j'ajoute des mots de passe lors du débogage et j'oublie de les supprimer. Git Guardian corrige cela.
Abhinav P.
Je suis étonné par la rapidité avec laquelle GitGuardian identifie les vulnérabilités.
Reviewed on Jun 13, 2025
Review provided by G2
Qu'aimez-vous le plus à propos de the product?
Exposition secrète et résolution rapide + excellente expérience utilisateur
Que n’aimez-vous pas à propos de the product?
Ils ont tous accès à nos secrets privés et informations. Nous ne pouvons pas simplement faire confiance à n'importe quelle entreprise avec notre base de données qui a été divulguée.
Quels sont les problèmes que the product résout, et en quoi cela vous est-il bénéfique?
Résolution rapide et identification secrète.