We performed a comparison between GitGuardian Platform and McAfee Total Protection for Data Loss Prevention based on real PeerSpot user reviews.
Find out in this report how the two Data Loss Prevention (DLP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."GitGuardian has helped to increase our security team's productivity. Now, we don't need to call the developers all the time and ask what they are working on. I feel the solution bridged the gap between our team and the developers, which is really great. I feel that we need that in our company, since some of the departments are just doing whatever and you don't know what they are doing. I think GitGuardian does a good job of bridging the gap. It saves us about 10 hours per week."
"The entire GitGuardian solution is valuable. The product is doing its job and showing us many things. We get many false positives, but the ability to automatically display potential leaks when developers commit is valuable. The dashboards show you recent and historical commits, and we have a full scan that shows historical leaked secrets."
"When they give you a description of what happened, it's really easy to follow and to retest. And the ability to retest is something that you don't have in other solutions. If a secret was detected, you can retest if it is still there. It will show you if it is in the history."
"The secrets detection and alerting is the most important feature. We get alerted almost immediately after someone commits a secret. It has been very accurate, allowing us to jump on it right away, then figure out if we have something substantial that has been leaked or whether it is something that we don't have to worry about. This general main feature of the app is great."
"GitGuardian has pretty broad detection capabilities. It covers all of the types of secrets that we've been interested in... [Yet] The "detector" concept, which identifies particular categories or types of secrets, allows an organization to tweak and tailor the configuration for things that are specific to its environment. This is highly useful if you're particularly worried about a certain type of secret and it can help focus attention, as part of early remediation efforts."
"I like GitGuardian's instant response. When you have an incident, it's reported immediately. The interface gives you a great overview of your current leaked secrets."
"The breadth of the solution detection capabilities is pretty good. They have good categories and a lot of different types of secrets... it gives us a great range when it comes to types of secrets, and that's good for us."
"The most valuable feature of GitGuardian is that it finds tokens and passwords. That's why we need this tool. It minimizes the possibility of security violations that we cannot find on our own."
"The solution is stable."
"What I like about McAfee Total Protection is that it's working. I also like that it doesn't require any specific knowledge to set up."
"Enables customization of file types and for different scenarios."
"The stability of the solution can be good. However, the configuration takes a long time for it to be done properly."
"The initial setup process was easy."
"Offers some good protection features."
"It can scale."
"The overall features of McAfee Total Protection for Data Loss Prevention are very good."
More McAfee Total Protection for Data Loss Prevention Pros →
"We have been somewhat confused by the dashboard at times."
"GitGuardian could have more detailed information on what software engineers can do. It only provides some highly generic feedback when a secret is detected. They should have outside documentation. We send this to our software engineers, who are still doing the commits. It's the wrong way to work, but they are accustomed to doing it this way. When they go into that ticket, they see a few instructions that might be confusing. If I see a leaked secret committed two years ago, it's not enough to undo that commit. I need to go in there, change all my code to utilize GitHub secrets, and go on AWS to validate my key."
"I would like to see more fine-grained access controls when tickets are assigned for incidents. I would like the ability to provide more controls to the team leads or the product managers so that they can drive what we, the AppSec team, are doing."
"GitGuardian encompasses many secrets that companies might have, but we are a Microsoft-only organization, so there are some limitations there in terms of their honey tokens. I'd like for it to not be limited to Amazon-based tokens. It would be nice to see a broader set of providers that you could pick from."
"It would be nice if they supported detecting PII or had some kind of data loss prevention feature."
"They could give a developer access to a dashboard for their team's repositories that just shows their repository secrets. I think more could be exposed to developers."
"Other solutions have a live chat feature that provides instant results. Waiting for an agent to reply to an email is less ideal than an instant conversation with a support employee. That's a complaint so minor I almost hesitate to mention it."
"For some repositories, there are a lot of incidents. For example, one repository says 255 occurrences, so I assume these are 255 alerts and nobody is doing anything about them. These could be false positives. However, I cannot assess it correctly, because I haven't been closing these false positives myself. From the dashboard, I can see that for some of the repositories, there have been a lot of closing of these occurrences, so I would assume there are a lot of false positives. A ballpark estimate would be 60% being false positives. One of the arguments from the developers against this tool is the number of false positives."
"There are a lot of vulnerabilities and viruses and malware can proliferate."
"Technical support doesn't really offer fast response times."
"When this solution is used it requires a lot of administration because the users can have difficulties using it and require assistance. The administrators are continuously modifying the policies for the users. Technical support will be used frequently."
"McAfee needs to clarify its rules."
"The interface can be improved, it's too cluttered."
"The solution takes up too much CPU and memory."
"There needs to be support for blocking the sending of files by email because even if you block or remove an external disk, the files are not protected."
"The solution needs to be a one-stop protection shop. And yet, the DLP isn't strong. Anyone can break it quite easily."
More McAfee Total Protection for Data Loss Prevention Cons →
More McAfee Total Protection for Data Loss Prevention Pricing and Cost Advice →
GitGuardian Platform is ranked 6th in Data Loss Prevention (DLP) with 21 reviews while McAfee Total Protection for Data Loss Prevention is ranked 9th in Data Loss Prevention (DLP) with 29 reviews. GitGuardian Platform is rated 9.0, while McAfee Total Protection for Data Loss Prevention is rated 7.4. The top reviewer of GitGuardian Platform writes "It dramatically improved our ability to detect secrets, saved us time, and reduced our mean time to remediation". On the other hand, the top reviewer of McAfee Total Protection for Data Loss Prevention writes "Highly beneficial DLP functionality, full system protection, and useful file scanning". GitGuardian Platform is most compared with SonarQube, Cycode, GitHub Advanced Security, Snyk and Veracode, whereas McAfee Total Protection for Data Loss Prevention is most compared with Microsoft Purview Data Loss Prevention, HP Wolf Security, Trend Micro Integrated Data Loss Prevention, Cisco Secure Endpoint and Forcepoint Data Loss Prevention. See our GitGuardian Platform vs. McAfee Total Protection for Data Loss Prevention report.
See our list of best Data Loss Prevention (DLP) vendors.
We monitor all Data Loss Prevention (DLP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
