GitGuardian Platform
GitGuardianExternal reviews
251 reviews
from
and
External reviews are not included in the AWS star rating for the product.
best
What do you like best about the product?
I am a beginner to GitHub so when I first published my repository on GitHub guardian immediately notified me that I have made my API key public I am really impressed by this
What do you dislike about the product?
I didn't understand that is there any way in gitguardian to protect leaked secret keys
What problems is the product solving and how is that benefiting you?
it is notifies you of your leaked keys in your repositories
Godsent protecion.
What do you like best about the product?
The speed of secret detections. I am always surprised by how fast it lets me know I have some exposed secret variables like JWT keys, and AWS keys.
What do you dislike about the product?
There can be some false flags that might be triggered.
What problems is the product solving and how is that benefiting you?
It notifies me of potential leaks of secret keys in my remote repositories on Github. It is very productive because it points out exactly where the leaks happened and how to mitigate them
`
What do you like best about the product?
We compared GitgGuardian to other products such as the paid version of Tufflehog, not only did they detect secrets more accurately in tests but they offered more features and their UI was significantly friendlier to use.
What do you dislike about the product?
There were still one or two issues with certain secrets not being flagged, but they're still ahead of the of the competition.
What problems is the product solving and how is that benefiting you?
GitGuardian is helping us to secure our DevOps pipelines
Additional security assurance in a DevSecOps environment
What do you like best about the product?
The ability to automatically scan source code and detect leaked secrets. GitGuardian has enabled us to add additional security control to our CI/CD pipeline, and enabled us to shift further left in the SDLC by implementing pre-commit hooks for Developers to test their code before it is committed.
What do you dislike about the product?
It would be great if GitGuardian could scan repositories such as Confluence, Jira, Service Now for secrets, as we have seen many Developers leaking secrets in those places too. I believe this can be done with the GitGuardian CLI tool, but a proper integration with the SaaS dashboard would add value to the tool.
What problems is the product solving and how is that benefiting you?
GitGuardian adds an additional control in our DevSecOps program to detect leaked secrets. This gives us greater security assurance that our application code repositories do not contain active leaked secrets.
Quick to Implement
What do you like best about the product?
GitGaurdian was easy to implement in our codebase and did not add much overhead. Their CLI is well documented, and setting up git actions was almost plug and play.
What do you dislike about the product?
The initial documentation suggested using another tool for running GitGuardian on developer machines, rather than making use of generic tools that are already used.
What problems is the product solving and how is that benefiting you?
GitGuardian helps provide complete trust between teams regarding the security of our codebase and gives confidence that all teams are focusing on security. Also provides the audit tools that we need to handle security issues.
Amazing Experience as a Developer
What do you like best about the product?
The tracking of API keys and secret creds and the ability to resolve the issue.
What do you dislike about the product?
The least helpful is that it might give a newbie developer a hard time learning about it so some tutorials and such can be helpful.
What problems is the product solving and how is that benefiting you?
GitGuradian is helping me solve the problem of accidental secret tokens and creds leak which can be detrimental and costly for an organization to go through.
Instant Git repo scanning and security advisor service
What do you like best about the product?
GitGuardian helped to scan potential security vulnerabilities in my Git repo automatically during Git check in.
What do you dislike about the product?
No, it works seamlessly in my journey. I did not encounter any problems/hiccups when using the product.
What problems is the product solving and how is that benefiting you?
GitGuardian digs out the secret key / API key that is embedded in the repo, and provides a portal page for me to review whether that is a confirmed case or a false alarm.
The perfect GitHub companion.
What do you like best about the product?
It helps you track any sensitive data you may have shared in the repos, either public or private.
Its algorithm is pretty advanced and I've never had any false positives but it finds easily when secrets are shared, even from non-famous softwares like webhooks api keys and stuff like that.
Super suggested, a must have on GitHub in my opinion.
Its algorithm is pretty advanced and I've never had any false positives but it finds easily when secrets are shared, even from non-famous softwares like webhooks api keys and stuff like that.
Super suggested, a must have on GitHub in my opinion.
What do you dislike about the product?
It really enforces you to be disciplined in GitHub with your secrets, it takes the slack completely off and it improves how careful you become with your .env files.
I guess it's not a bad one actually haha
Actually the only thing I'd love to see is a way of easily removing secrets that may have been shared on past commits, but that's more on Git than on this software I guess.
I guess it's not a bad one actually haha
Actually the only thing I'd love to see is a way of easily removing secrets that may have been shared on past commits, but that's more on Git than on this software I guess.
What problems is the product solving and how is that benefiting you?
It's solving the problem on thoroughly making sure the repo doesn't contain any secrets that may be exposed.
Anytime that happens is a huge issue as bad guys are always monitoring GitHub too for that to happen so to be notified right away is great!
Anytime that happens is a huge issue as bad guys are always monitoring GitHub too for that to happen so to be notified right away is great!
Recommendations to others considering the product:
There's no reason to non connect this software to your repos. It even has a generous free version so no reasons why not doing that.
Has saved me from making mistakes at 3am more than once
What do you like best about the product?
GitGuardian is very painless to use, has a simple and intuitive UI, and will tell you specifically where you made a mistake in regards to secrets or exploitable methods.
What do you dislike about the product?
Initial usage can be a bit daunting - there's alot to take in at first, and it is a bit irritating that private collaborative repositories are not under the default plan (although that is understandable)
What problems is the product solving and how is that benefiting you?
When working late hours on code, GitGuardian helps prevent making innocent mistakes, where an IDE might automatically add a configuration file to a branch push that contains a secret.
Detects quite a few secrets already!
What do you like best about the product?
The service is currently actively detecting quite a few keytypes and other secrets, as you can tell from the OWASP WrongSecrets testbed.
What do you dislike about the product?
It does not detect everything yet: I did not get warnings on some of the callbacks (e.g. Slack Webhooks), but i did on many tokens already.
What problems is the product solving and how is that benefiting you?
It helps detecting secrets in code & it can warn out of band by email about which secrets it found. This can greatly help ensuring secrets remain out of code.
Recommendations to others considering the product:
Start with open source tools first and then see how GitGuardian can help you improve your posture!
showing 61 - 70