My use case for the GitGuardian Platform is application security.
GitGuardian Platform
GitGuardianExternal reviews
249 reviews
from
and
External reviews are not included in the AWS star rating for the product.
GitGuardian saving your secrets
What do you like best about the product?
I like the fact GitGuardian automatically checks and find all the secrets or suspicious things in the code and helps developers discovering them. This, although seems little for a non-developer is a very big thing as these secrets can leads to major data loss, security concerns and even loss of business.
What do you dislike about the product?
Could be a little more powerful to detect all the secrets and also not pose a threat if something is not a secret even if it looks like so. Example env variables should be skipped.
What problems is the product solving and how is that benefiting you?
Whenever I push code, we have a lot of environment variables that needs to be taken care of. Sometimes these confidential values get passed into tracked files in Git, unknowingly or by mistake, especially during vibe-coding which is a very big thing nowadays. GitGuardian plays a very very big role in discovering these essential secrets that cannot and should not be exposed to the outside world or could lead to serious damages to the company or business or even an individual and disrupt the work.
So GitGuardians security checks are very essential and needed.
So GitGuardians security checks are very essential and needed.
Great tool to have your back
What do you like best about the product?
Extremely useful solution to have when you are developing your solutions
What do you dislike about the product?
The downside is that you know you messed up in your code and security.
What problems is the product solving and how is that benefiting you?
Inadvertently publishing product keys.
Facilitates efficient secret management and improves development processes
What is our primary use case?
What is most valuable?
My impression of the GitGuardian Platform's capability to detect secrets in real time is actually really amazing, because it lets us protect or block the pipelines in which we deploy new applications so we can acknowledge when a secret is hardcoded in a repository, or when we have already hardcoded secrets within templates in our repos.
We adopted it a year ago, and it has been doing great in our teams, especially for developers. The impression so far has been good.
The severity scoring has helped us in incident management because it is doing the correct job. We got many secrets leaked within our platform and it was making the correct warnings regarding that particular secret, as we had a hardcoded Google Cloud API key. It was marked as a critical severity, so we had the chance to correct it, regenerate that secret and work again on not hardcoding secrets within our code.
GitGuardian's public leak detection significantly enhances our organization's data security by continuously monitoring public repositories. It allows us to proactively identify accidental exposures of sensitive credentials or secrets.
What needs improvement?
Regarding the exceptions in GitGuardian Platform, we know that within the platform we have a way to accept a path or a directory from a repository, but it is not that visible at the very beginning. You have to figure out where to search for it, and once you have it, it is really good, but it is not that visible at the beginning. This should be made more exposed.
The documentation could be better because it was not that comprehensively documented. When we started working with GitGuardian Platform, it was difficult to find some specific use cases, and we were not aware of that. It might have improved now, but at that time, it was not something we would recommend.
For how long have I used the solution?
I have been using the GitGuardian Platform for almost a year now.
What do I think about the stability of the solution?
From 1 to 10, I rate the stability of the GitGuardian Platform a 10, as there are no downtimes.
What do I think about the scalability of the solution?
I would rate the scalability as a 10, since we did not have any problems.
How are customer service and support?
For technical support, I would give a solid 10. They have someone who speaks Spanish, which made it easier for us.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I am comparing it with Advanced Security from GitHub and Cycode.
How was the initial setup?
Two of us were involved in the deployment process.
It took a week to deploy the GitGuardian Platform, just to standardize the process.
What about the implementation team?
Two of us were involved in the deployment process.
What was our ROI?
Regarding return on investment, we have actually saved time and resources because before having GitGuardian Platform, we had two or three people working in every repository looking for secrets with open-source tools. It took a long time to find secrets or many patterns, and at the time, we had to configure our own patterns to find them. I cannot specify the exact return on investment, but I can surely say that we have saved significant time and resources, particularly in terms of people and automation.
Which other solutions did I evaluate?
I would compare the GitGuardian Platform to other solutions or vendors on the market as being easier to use, but it is not integrated with the CSM that we are using right now. That is the difference. It is easy to use, but it could be easier.
What other advice do I have?
We are customers in our company's relationship with the vendor.
I work primarily with the CLI, focusing on pipelines and automations rather than the platform itself. The platform has remained almost the same within the year that we have been working with it.
We are not utilizing the automated playbooks yet.
I cannot determine if the pricing is cost-effective.
The vendor can contact me if they have any questions or comments about my review.
I have rated the GitGuardian Platform a 10 out of 10.
Git Guardian Helps me avoid revealing sensitive data to the public
What do you like best about the product?
I like that it gives me automated warning about exposing potential sensitive data
What do you dislike about the product?
I just use it for the automated warnings. I don't see a downside yet.
What problems is the product solving and how is that benefiting you?
It stops me exposing sensitive data. Sometimes I will add passwords during debugging and forget to remove them. Git guardian fixes this.
I'm amazed by how quickly GitGuardian identifies vunerabilities
What do you like best about the product?
Secret expose & quick resolution + Great User Experience
What do you dislike about the product?
They have all the access to our Private Secrets and infomations. We can't just trust any company with our Database that was leaked.
What problems is the product solving and how is that benefiting you?
Quick resolution & secret Identification.
It immediately detects security risks and gives good tips on how to fix them
What do you like best about the product?
It is quick in detecting risks and it easily gives tips on fixing those risks
What do you dislike about the product?
Nothing much, the UI could be more intuitive.
What problems is the product solving and how is that benefiting you?
For my personal use, it helps me secure my applications.
Keep doing GreatJob
What do you like best about the product?
I really like how the notified incidents with keys are handled, and the detail for resolving them, plus the files involved in the leak.
What do you dislike about the product?
Instead of getting it by email, I'd like to set up a pipeline so that the email only comes through when something goes wrong.
What problems is the product solving and how is that benefiting you?
The way it notifies you is awesome because it makes sure your keys don't get exposed. But it would be even better to prevent it even more by doing a local test before each commit and showing the results locally before pushing to GitHub. Because once it's on Git, even if you stop tracking it later, if the repo ever goes public, the history is still visible.
It Actually Saved My ***!
What do you like best about the product?
Oh man, since I discover GG like 3 years ago, it has become a MUST-HAVE on all of my repos, I always double-check everything, but still, I'm a human and I can make mistakes… So it is always good to have a (yeah, let's called “Guardian” Lol) Guardian keeping the gates to my endpoints, buckets, etc., safe.
What do you dislike about the product?
Something it's missing it's a Mobile App
What problems is the product solving and how is that benefiting you?
On every project I have sold, I need to demonstrate to my clients that their information and the information of the end-users are properly handled, that includes all the keys/secrets to instances, databases and more. And in order to do so, one of the tools I use the most, is showing GitGuardian to ensure that we're handling the secrets properly.
Saved from hacking
What do you like best about the product?
It tells you whenever there are some info leackage in your github repositories in automatic.
What do you dislike about the product?
Can be better functionalities regarding automatic capturing of errors or problems. There can be sometimes that the leakage is a false-positive.
What problems is the product solving and how is that benefiting you?
The problems regards security and information leakage
Catch your secrets instantly
What do you like best about the product?
The steps to integrate the GitGuardian with your version control like GitHub is really easy and also we can integrate it in local as well so that at the time of code commit if you have any secrets like API Keys, IAM Keys or PII etc.gets detected by GitGuardian and it doesn't allow you to commit the code until you remove it. This is very helpful feature of GitGuardian in day to day life of any developer or devops person.
What do you dislike about the product?
There are no cons as such to tell here, it went well so far.
What problems is the product solving and how is that benefiting you?
We wanted something which will block every developer or any other person in our organisation to commit any secrets or PII information which very sensitive for us. And this was solved by GitGuardian and we can now commit and push out code to repositories without any fear of exposing sensitive information.
showing 11 - 20