GitGuardian Platform pros and cons

Vendor: GitGuardian

4.5 out of 5

21 reviews
100% willing to recommend

GitGuardian Platform Pros review quotes

DC

Chief Software Architect at a tech company with 501-1,000 employees

Jul 8, 2021

What is particularly helpful is that having GitGuardian show that the code failed a check enables us to automatically pass the resolution to the author. We don't have to rely on the reviewer to assign it back to him or her. Letting the authors solve their own problems before they get to the reviewer has significantly improved visibility and reduced the remediation time from multiple days to minutes or hours. Given how time-consuming code reviews can be, it saves some of our more scarce resources.

Read full review

UP

reviewer2223084

Lead Security Engineer at OutSystems

Jun 28, 2023

It actually creates an incident ticket for us. We can now go end-to-end after a secret has been identified, to track down who owns the repository and who is responsible for cleaning it up.

Read full review

Application Security Engineer at Beyond Identity

May 4, 2023

It enables us to identify leaks that happened in the past and remediate current leaks as they happen in near real-time. When I say "near real-time," I mean within minutes. These are industry-leading remediation timelines for credential leaks. Previously, it might have taken companies years to get credentials detected or remediated. We can do it in minutes.

Read full review

GitGuardian Platform

Free Report: GitGuardian Platform Reviews and More

Learn what your peers think about GitGuardian Platform. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.

768,578 professionals have used our research since 2012.

DM

Security Engineer at a tech services company with 11-50 employees

Jan 11, 2022

We have definitely seen a return on investment when it finds things that are real. We have caught a couple things before they made it to production, and had they made it to production, that would have been dangerous.

Read full review

DevOps Engineer at a wholesaler/distributor with 10,001+ employees

Sep 4, 2022

GitGuardian Internal Monitoring has helped increase our secrets detection rate by several orders of magnitude. This is a hard metric to get. For example, if we knew what our secrets were and where they were, we wouldn't need GitGuardian or these types of solutions. There could be a million more secrets that GitGuardian doesn't detect, but it is basically impossible to find them by searching for them.

Read full review

BK

reviewer1692456

DevSecOps Engineer at Tenable Network Security

Nov 1, 2021

GitGuardian has also helped us develop a security-minded culture. We're serious about shift left and getting better about code security. I think a lot of people are getting more mindful about what a secret is.

Read full review

Jon-Erik Schneiderhan

Senior Site Reliability Engineer at a computer software company with 501-1,000 employees

Apr 27, 2022

The secrets detection and alerting is the most important feature. We get alerted almost immediately after someone commits a secret. It has been very accurate, allowing us to jump on it right away, then figure out if we have something substantial that has been leaked or whether it is something that we don't have to worry about. This general main feature of the app is great.

Read full review

EE

reviewer2352429

Systems Engineer at a marketing services firm with 11-50 employees

Feb 29, 2024

It's also worth mentioning that GitGuardian is unique because they have a free tier that we've been using for the first twelve months. It provides full functionality for smaller teams. We're a smaller company and have never changed in size, but we got to the point where we felt the service brought us value, and we want to pay for it. We also wanted an SLA for technical support and whatnot, so we switched to a paid plan. Without that, they had a super-generous, free tier, and I was immensely impressed with it.

Read full review

EU

reviewer1959975

IT Security Specialist – SOC analyst at a wholesaler/distributor with 10,001+ employees

Nov 9, 2022

GitGuardian has helped to increase our security team's productivity. Now, we don't need to call the developers all the time and ask what they are working on. I feel the solution bridged the gap between our team and the developers, which is really great. I feel that we need that in our company, since some of the departments are just doing whatever and you don't know what they are doing. I think GitGuardian does a good job of bridging the gap. It saves us about 10 hours per week.

Read full review

Head of Development at Inhabit

Mar 19, 2024

Some of our teams have hundreds of repositories, so filtering by team saves a lot of time and effort.

Read full review

Show 10 more reviews (out of 21)

GitGuardian Platform Cons review quotes

DC

Chief Software Architect at a tech company with 501-1,000 employees

Jul 8, 2021

The main thing for me is the customization for some of the healthcare-specific identifiers that we want to validate. There should be some ability, which is coming in the near future, to have custom identifiers. Being in healthcare, we have pretty specific patterns that we need to match for PHI or PII. Having that would add a little bit extra to it.

Read full review

UP

reviewer2223084

Lead Security Engineer at OutSystems

Jun 28, 2023

I would like to see more fine-grained access controls when tickets are assigned for incidents. I would like the ability to provide more controls to the team leads or the product managers so that they can drive what we, the AppSec team, are doing.

Read full review

Application Security Engineer at Beyond Identity

May 4, 2023

Other solutions have a live chat feature that provides instant results. Waiting for an agent to reply to an email is less ideal than an instant conversation with a support employee. That's a complaint so minor I almost hesitate to mention it.

Read full review

GitGuardian Platform

Free Report: GitGuardian Platform Reviews and More

Learn what your peers think about GitGuardian Platform. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.

768,578 professionals have used our research since 2012.

DM

Security Engineer at a tech services company with 11-50 employees

Jan 11, 2022

It could be easier. They have a CLI tool that engineers can run on their laptops, but getting engineers to install the tool is a manual process. I would like to see them have it integrated into one of those developer tools, e.g., VS Code or JetBrains, so developers don't have to think about it.

Read full review

DevOps Engineer at a wholesaler/distributor with 10,001+ employees

Sep 4, 2022

Right now, we are waiting for improvement in the RBAC support for GitGuardian.

Read full review

BK

reviewer1692456

DevSecOps Engineer at Tenable Network Security

Nov 1, 2021

One improvement that I'd like to see is a cleaner for Splunk logs. It would be nice to have a middle man for anything we send or receive from Splunk forwarders. I'd love to see it get cleaned by GitGuardian or caught to make sure we don't have any secrets getting committed to Splunk logs.

Read full review

Jon-Erik Schneiderhan

Senior Site Reliability Engineer at a computer software company with 501-1,000 employees

Apr 27, 2022

They could give a developer access to a dashboard for their team's repositories that just shows their repository secrets. I think more could be exposed to developers.

Read full review

EE

reviewer2352429

Systems Engineer at a marketing services firm with 11-50 employees

Feb 29, 2024

The purchasing process is convoluted compared to Snyk, the other tool we use. It's like night and day because you only need to punch in your credit card, and you're set. With GitGuardian, getting a quote took two or three weeks. We paid for it in December but have not settled that payment yet.

Read full review

EU

reviewer1959975

IT Security Specialist – SOC analyst at a wholesaler/distributor with 10,001+ employees

Nov 9, 2022

For some repositories, there are a lot of incidents. For example, one repository says 255 occurrences, so I assume these are 255 alerts and nobody is doing anything about them. These could be false positives. However, I cannot assess it correctly, because I haven't been closing these false positives myself. From the dashboard, I can see that for some of the repositories, there have been a lot of closing of these occurrences, so I would assume there are a lot of false positives. A ballpark estimate would be 60% being false positives. One of the arguments from the developers against this tool is the number of false positives.

Read full review

Head of Development at Inhabit

Mar 19, 2024

We have encountered occasional difficulties with the Single Sign-On process.

Read full review

Show 10 more reviews (out of 20)

Product Categories

Product Categories

Application Security Tools

Application Security Testing (AST)

Data Loss Prevention (DLP)

Software Supply Chain Security

Popular Comparisons

Popular Comparisons

SonarQube vs GitGuardian Platform

Veracode vs GitGuardian Platform

Checkmarx One vs GitGuardian Platform

Snyk vs GitGuardian Platform

Microsoft Purview Data Loss Prevention vs GitGuardian Platform

Forcepoint Data Loss Prevention vs GitGuardian Platform

GitHub Advanced Security vs GitGuardian Platform

Cycode vs GitGuardian Platform

Nightfall vs GitGuardian Platform

See all alternatives

Product Categories

Product Categories

Application Security Tools

Application Security Testing (AST)

Data Loss Prevention (DLP)

Software Supply Chain Security

Popular Comparisons

Popular Comparisons

SonarQube vs GitGuardian Platform

Veracode vs GitGuardian Platform

Checkmarx One vs GitGuardian Platform

Snyk vs GitGuardian Platform

Microsoft Purview Data Loss Prevention vs GitGuardian Platform

Forcepoint Data Loss Prevention vs GitGuardian Platform

GitHub Advanced Security vs GitGuardian Platform

Cycode vs GitGuardian Platform

Nightfall vs GitGuardian Platform

See all alternatives

Related questions

1,380

If you had to both encrypt and compress data during transmission, which would you do first and why?

200

When evaluating Application Security, what aspect do you think is the most important to look for?

277

What are the threats associated with using ‘bogus’ cybersecurity tools?

638

What are the Top 5 cybersecurity trends in 2022?

45

Which application security solutions include both vulnerability scans and quality checks?

113

We're evaluating Tripwire, what else should we consider?

3,250

Is SonarQube the best tool for static analysis?

79

Why Do I Need Application Security Software?

181

Which Email Security enterprise solution would you choose: Cisco Secure Email vs Forcepoint Email Security vs Barracuda Email Security Gateway?

627

What is the difference between "data protection in transit" vs "data protection at rest"?