We performed a comparison between GitGuardian Platform and GitGuardian Public Monitoring based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It actually creates an incident ticket for us. We can now go end-to-end after a secret has been identified, to track down who owns the repository and who is responsible for cleaning it up."
"The most valuable feature is the alerts when secrets are leaked and we can look at particular repositories to see if there are any outstanding problems. In addition, the solution's detection capabilities seem very broad. We have no concerns there."
"What is particularly helpful is that having GitGuardian show that the code failed a check enables us to automatically pass the resolution to the author. We don't have to rely on the reviewer to assign it back to him or her. Letting the authors solve their own problems before they get to the reviewer has significantly improved visibility and reduced the remediation time from multiple days to minutes or hours. Given how time-consuming code reviews can be, it saves some of our more scarce resources."
"The breadth of the solution detection capabilities is pretty good. They have good categories and a lot of different types of secrets... it gives us a great range when it comes to types of secrets, and that's good for us."
"GitGuardian has pretty broad detection capabilities. It covers all of the types of secrets that we've been interested in... [Yet] The "detector" concept, which identifies particular categories or types of secrets, allows an organization to tweak and tailor the configuration for things that are specific to its environment. This is highly useful if you're particularly worried about a certain type of secret and it can help focus attention, as part of early remediation efforts."
"I like that GitGuardian automatically notifies the developer who committed the change. The security team doesn't need to act as the intermediary and tell the developer there is an alert. The alert goes directly to the developer."
"It's also worth mentioning that GitGuardian is unique because they have a free tier that we've been using for the first twelve months. It provides full functionality for smaller teams. We're a smaller company and have never changed in size, but we got to the point where we felt the service brought us value, and we want to pay for it. We also wanted an SLA for technical support and whatnot, so we switched to a paid plan. Without that, they had a super-generous, free tier, and I was immensely impressed with it."
"The entire GitGuardian solution is valuable. The product is doing its job and showing us many things. We get many false positives, but the ability to automatically display potential leaks when developers commit is valuable. The dashboards show you recent and historical commits, and we have a full scan that shows historical leaked secrets."
"One thing I really like about it is the fact that we can add search words or specific payloads inside the tool, and GitGuardian will look into GitHub and alert us if any of these words is found in a repository... With this capability in the tool, we have good surveillance over our potential blind spots."
"The Explore function is valuable for finding specific things I'm looking for."
"We'd like to request a new GitGuardian feature that automates user onboarding and access control for code repositories."
"One improvement that I'd like to see is a cleaner for Splunk logs. It would be nice to have a middle man for anything we send or receive from Splunk forwarders. I'd love to see it get cleaned by GitGuardian or caught to make sure we don't have any secrets getting committed to Splunk logs."
"There is room for improvement in GitGuardian on Azure DevOps. The implementation is a bit hard there. This is one of the things we requested help with. I would not say their support is not good, but they need them to improve in helping customers on that side."
"Right now, we are waiting for improvement in the RBAC support for GitGuardian."
"The purchasing process is convoluted compared to Snyk, the other tool we use. It's like night and day because you only need to punch in your credit card, and you're set. With GitGuardian, getting a quote took two or three weeks. We paid for it in December but have not settled that payment yet."
"Other solutions have a live chat feature that provides instant results. Waiting for an agent to reply to an email is less ideal than an instant conversation with a support employee. That's a complaint so minor I almost hesitate to mention it."
"They could give a developer access to a dashboard for their team's repositories that just shows their repository secrets. I think more could be exposed to developers."
"There is room for improvement in its integration for bug-tracking. It should be more direct. They have invested a lot in user management, but they need to invest in integrations. That is a real lack."
"I would like to see improvement in some of the user interface features... When one secret is leaked in multiple files or multiple repositories, it will appear on the dashboard. But when you click on that secret, all the occurrences will appear on the page. It would be better to have one secret per occurrence, directly, so that we don't have to click to get to the list of all the occurrences."
"I'm excited about the possibility of Public Postman scanning being integrated with GitGuardian in the future. Additionally, I'm interested in exploring the potential use of honeytokens, which seems like a compelling approach to lure and identify attackers."
More GitGuardian Public Monitoring Pricing and Cost Advice →
GitGuardian Platform is ranked 8th in Application Security Tools with 22 reviews while GitGuardian Public Monitoring is ranked 27th in Application Security Tools with 2 reviews. GitGuardian Platform is rated 9.0, while GitGuardian Public Monitoring is rated 9.0. The top reviewer of GitGuardian Platform writes "It dramatically improved our ability to detect secrets, saved us time, and reduced our mean time to remediation". On the other hand, the top reviewer of GitGuardian Public Monitoring writes "Helps us prioritize remediation tasks efficiently, improves our overall security visibility, and is effective in detecting and alerting us to security leaks quickly". GitGuardian Platform is most compared with SonarQube, Cycode, GitHub Advanced Security, Snyk and Microsoft Purview Data Loss Prevention, whereas GitGuardian Public Monitoring is most compared with Snyk. See our GitGuardian Platform vs. GitGuardian Public Monitoring report.
See our list of best Application Security Tools vendors, best Application Security Testing (AST) vendors, and best Data Loss Prevention (DLP) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
