We performed a comparison between GitGuardian Platform and Trellix DLP based on real PeerSpot user reviews.
Find out in this report how the two Data Loss Prevention (DLP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."GitGuardian has pretty broad detection capabilities. It covers all of the types of secrets that we've been interested in... [Yet] The "detector" concept, which identifies particular categories or types of secrets, allows an organization to tweak and tailor the configuration for things that are specific to its environment. This is highly useful if you're particularly worried about a certain type of secret and it can help focus attention, as part of early remediation efforts."
"It's also worth mentioning that GitGuardian is unique because they have a free tier that we've been using for the first twelve months. It provides full functionality for smaller teams. We're a smaller company and have never changed in size, but we got to the point where we felt the service brought us value, and we want to pay for it. We also wanted an SLA for technical support and whatnot, so we switched to a paid plan. Without that, they had a super-generous, free tier, and I was immensely impressed with it."
"The entire GitGuardian solution is valuable. The product is doing its job and showing us many things. We get many false positives, but the ability to automatically display potential leaks when developers commit is valuable. The dashboards show you recent and historical commits, and we have a full scan that shows historical leaked secrets."
"I like GitGuardian's instant response. When you have an incident, it's reported immediately. The interface gives you a great overview of your current leaked secrets."
"The secrets detection and alerting is the most important feature. We get alerted almost immediately after someone commits a secret. It has been very accurate, allowing us to jump on it right away, then figure out if we have something substantial that has been leaked or whether it is something that we don't have to worry about. This general main feature of the app is great."
"You can also assign tasks to specific teams or people to complete, such as assigning something to the "blue team" or saying that this person needs to do this, and that person needs to do that. That is a great feature because you can actually manage your team internally in GitGuardian."
"It actually creates an incident ticket for us. We can now go end-to-end after a secret has been identified, to track down who owns the repository and who is responsible for cleaning it up."
"We have definitely seen a return on investment when it finds things that are real. We have caught a couple things before they made it to production, and had they made it to production, that would have been dangerous."
"Trellix can transfer the data through the cloud. The storage device control is an important feature."
"The tool has prebuilt templates for data classification. It is easier for customers to get started."
"Scalability is feasible since it's on-premises. It's easy to scale there."
"It prevents enterprises from installing external software and devices and can block specific network pathways."
"The purchasing process is convoluted compared to Snyk, the other tool we use. It's like night and day because you only need to punch in your credit card, and you're set. With GitGuardian, getting a quote took two or three weeks. We paid for it in December but have not settled that payment yet."
"It would be nice if they supported detecting PII or had some kind of data loss prevention feature."
"An area for improvement is the front end for incidents. The user experience in this area could be much better."
"GitGuardian could have more detailed information on what software engineers can do. It only provides some highly generic feedback when a secret is detected. They should have outside documentation. We send this to our software engineers, who are still doing the commits. It's the wrong way to work, but they are accustomed to doing it this way. When they go into that ticket, they see a few instructions that might be confusing. If I see a leaked secret committed two years ago, it's not enough to undo that commit. I need to go in there, change all my code to utilize GitHub secrets, and go on AWS to validate my key."
"GitGuardian's hook and dashboard scanners are the two entities. They should work together as one. We've seen several discrepancies where the hook is not being flagged on the dashboard. I still think they need to do some fine-tuning around that. We don't want to waste time."
"For some repositories, there are a lot of incidents. For example, one repository says 255 occurrences, so I assume these are 255 alerts and nobody is doing anything about them. These could be false positives. However, I cannot assess it correctly, because I haven't been closing these false positives myself. From the dashboard, I can see that for some of the repositories, there have been a lot of closing of these occurrences, so I would assume there are a lot of false positives. A ballpark estimate would be 60% being false positives. One of the arguments from the developers against this tool is the number of false positives."
"It took us a while to get new patterns introduced into the pattern reporting process."
"I would like to see more fine-grained access controls when tickets are assigned for incidents. I would like the ability to provide more controls to the team leads or the product managers so that they can drive what we, the AppSec team, are doing."
"The whole UI of the server console installed on the standalone computers is hefty."
"In future releases, I would like to see like to see encryption available on the cloud-based version."
"Trellix needs to improve customer support."
"Trellix is incompatible with Linux, and its DLP part is incompatible with Mac. Sometimes, it does not work on Windows, either."
GitGuardian Platform is ranked 6th in Data Loss Prevention (DLP) with 21 reviews while Trellix DLP is ranked 21st in Data Loss Prevention (DLP) with 4 reviews. GitGuardian Platform is rated 9.0, while Trellix DLP is rated 8.0. The top reviewer of GitGuardian Platform writes "It dramatically improved our ability to detect secrets, saved us time, and reduced our mean time to remediation". On the other hand, the top reviewer of Trellix DLP writes "Comes in a single console: Emission, endpoint security, everything in one product, one agent". GitGuardian Platform is most compared with SonarQube, Cycode, GitHub Advanced Security, Snyk and Microsoft Purview Data Loss Prevention, whereas Trellix DLP is most compared with Microsoft Purview Data Loss Prevention, Symantec Data Loss Prevention, Varonis Platform, Forcepoint Data Loss Prevention and CoSoSys Endpoint Protector. See our GitGuardian Platform vs. Trellix DLP report.
See our list of best Data Loss Prevention (DLP) vendors.
We monitor all Data Loss Prevention (DLP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
