Try our new research platform with insights from 80,000+ expert users
GitGuardian Platform Logo

GitGuardian Platform pros and cons

Vendor: GitGuardian
4.4 out of 5
Badge Leader
Leave a review

Pros & Cons summary

GitGuardian Platform offers automatic alerts and broad detection capabilities to quickly resolve issues, enhancing security while reducing remediation time. Developers engage proactively, saving security teams time. A free tier is beneficial for smaller teams, although enhancement in bug-tracking integration, Single Sign-On, and customization for healthcare-specific identifiers is needed. Purchase complexity and frequent false positives, sometimes up to 60%, present challenges, impacting overall user experience despite accurate alerting for expediting remediation.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

GitGuardian Platform allows authors to solve their own problems, reducing remediation time from days to minutes or hours, thus improving visibility and saving resources.
GitGuardian Platform helps develop a security-minded culture by emphasizing shift-left practices, increasing user's mindfulness about code security and the presence of secrets.
GitGuardian Platform's secret detection and alerting capabilities are highly valued for their accuracy and instant notifications, minimizing security violations.
GitGuardian Platform enhances productivity by bridging the gap between security teams and developers, saving time and facilitating automatic remediation by developers.
GitGuardian Platform's real-time secret detection lets organizations protect pipelines and improve data security by monitoring public repositories.

CONS

GitGuardian lacks customization options for healthcare-specific identifiers and currently does not support PII detection or data loss prevention features.
GitGuardian needs improvement in integrating with Splunk logs to ensure secrets are not committed.
There are challenges with integration for Azure DevOps and the bug-tracking system, resulting in insufficient directness and support.
Automatic incident assignment is absent, making it difficult to manage increasing engineer numbers as organizations grow.
There are discrepancies between hook and dashboard scanners, which require better synchronization and fine-tuning.
 

GitGuardian Platform Pros review quotes

it_user1621659 - PeerSpot reviewer
it_user1621659
Chief Software Architect at a tech company with 501-1,000 employees
Jul 8, 2021
What is particularly helpful is that having GitGuardian show that the code failed a check enables us to automatically pass the resolution to the author. We don't have to rely on the reviewer to assign it back to him or her. Letting the authors solve their own problems before they get to the reviewer has significantly improved visibility and reduced the remediation time from multiple days to minutes or hours. Given how time-consuming code reviews can be, it saves some of our more scarce resources.
Read full review
reviewer1692456 - PeerSpot reviewer
reviewer1692456
DevSecOps Engineer at a computer software company with 1,001-5,000 employees
Nov 1, 2021
GitGuardian has also helped us develop a security-minded culture. We're serious about shift left and getting better about code security. I think a lot of people are getting more mindful about what a secret is.
Read full review
IK
Igor Klyashchitskiy
Director of Development at a computer software company with 1,001-5,000 employees
Nov 11, 2021
The most valuable feature of GitGuardian is that it finds tokens and passwords. That's why we need this tool. It minimizes the possibility of security violations that we cannot find on our own.
Read full review
Buyer's Guide
GitGuardian Platform
December 2025
Free Report: GitGuardian Platform Reviews and More
Learn what your peers think about GitGuardian Platform. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
DOWNLOAD NOW
879,259 professionals have used our research since 2012.
AH
Abbas Haidar
Head of InfoSec at a tech vendor with 11-50 employees
Dec 20, 2021
When they give you a description of what happened, it's really easy to follow and to retest. And the ability to retest is something that you don't have in other solutions. If a secret was detected, you can retest if it is still there. It will show you if it is in the history.
Read full review
DM
Don Magee
Security Engineer at a tech services company with 11-50 employees
Jan 11, 2022
We have definitely seen a return on investment when it finds things that are real. We have caught a couple things before they made it to production, and had they made it to production, that would have been dangerous.
Read full review
Jon-Erik Schneiderhan - PeerSpot reviewer
Jon-Erik Schneiderhan
Senior Site Reliability Engineer at a computer software company with 501-1,000 employees
Apr 27, 2022
The secrets detection and alerting is the most important feature. We get alerted almost immediately after someone commits a secret. It has been very accurate, allowing us to jump on it right away, then figure out if we have something substantial that has been leaked or whether it is something that we don't have to worry about. This general main feature of the app is great.
Read full review
Andrei Predoiu - PeerSpot reviewer
Andrei Predoiu
DevOps Engineer at a wholesaler/distributor with 10,001+ employees
Sep 4, 2022
GitGuardian Internal Monitoring has helped increase our secrets detection rate by several orders of magnitude. This is a hard metric to get. For example, if we knew what our secrets were and where they were, we wouldn't need GitGuardian or these types of solutions. There could be a million more secrets that GitGuardian doesn't detect, but it is basically impossible to find them by searching for them.
Read full review
Melvin Mohadeb - PeerSpot reviewer
Melvin Mohadeb
Security Engineer at PayFit
Sep 14, 2022
The breadth of the solution detection capabilities is pretty good. They have good categories and a lot of different types of secrets... it gives us a great range when it comes to types of secrets, and that's good for us.
Read full review
Edvinas Urbasius - PeerSpot reviewer
Edvinas Urbasius
Cybersecurity Consultant at LCG
Nov 9, 2022
GitGuardian has helped to increase our security team's productivity. Now, we don't need to call the developers all the time and ask what they are working on. I feel the solution bridged the gap between our team and the developers, which is really great. I feel that we need that in our company, since some of the departments are just doing whatever and you don't know what they are doing. I think GitGuardian does a good job of bridging the gap. It saves us about 10 hours per week.
Read full review
Theo Cusnir - PeerSpot reviewer
Theo Cusnir
Application Security Engineer at PayFit
Sep 14, 2022
One thing I really like about it is the fact that we can add search words or specific payloads inside the tool, and GitGuardian will look into GitHub and alert us if any of these words is found in a repository... With this capability in the tool, we have good surveillance over our potential blind spots.
Read full review
Show 10 more reviews (out of 30)
 

GitGuardian Platform Cons review quotes

it_user1621659 - PeerSpot reviewer
it_user1621659
Chief Software Architect at a tech company with 501-1,000 employees
Jul 8, 2021
The main thing for me is the customization for some of the healthcare-specific identifiers that we want to validate. There should be some ability, which is coming in the near future, to have custom identifiers. Being in healthcare, we have pretty specific patterns that we need to match for PHI or PII. Having that would add a little bit extra to it.
Read full review
reviewer1692456 - PeerSpot reviewer
reviewer1692456
DevSecOps Engineer at a computer software company with 1,001-5,000 employees
Nov 1, 2021
One improvement that I'd like to see is a cleaner for Splunk logs. It would be nice to have a middle man for anything we send or receive from Splunk forwarders. I'd love to see it get cleaned by GitGuardian or caught to make sure we don't have any secrets getting committed to Splunk logs.
Read full review
IK
Igor Klyashchitskiy
Director of Development at a computer software company with 1,001-5,000 employees
Nov 11, 2021
There is room for improvement in its integration for bug-tracking. It should be more direct. They have invested a lot in user management, but they need to invest in integrations. That is a real lack.
Read full review
Buyer's Guide
GitGuardian Platform
December 2025
Free Report: GitGuardian Platform Reviews and More
Learn what your peers think about GitGuardian Platform. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
DOWNLOAD NOW
879,259 professionals have used our research since 2012.
AH
Abbas Haidar
Head of InfoSec at a tech vendor with 11-50 employees
Dec 20, 2021
There is room for improvement in GitGuardian on Azure DevOps. The implementation is a bit hard there. This is one of the things we requested help with. I would not say their support is not good, but they need them to improve in helping customers on that side.
Read full review
DM
Don Magee
Security Engineer at a tech services company with 11-50 employees
Jan 11, 2022
It could be easier. They have a CLI tool that engineers can run on their laptops, but getting engineers to install the tool is a manual process. I would like to see them have it integrated into one of those developer tools, e.g., VS Code or JetBrains, so developers don't have to think about it.
Read full review
Jon-Erik Schneiderhan - PeerSpot reviewer
Jon-Erik Schneiderhan
Senior Site Reliability Engineer at a computer software company with 501-1,000 employees
Apr 27, 2022
They could give a developer access to a dashboard for their team's repositories that just shows their repository secrets. I think more could be exposed to developers.
Read full review
Andrei Predoiu - PeerSpot reviewer
Andrei Predoiu
DevOps Engineer at a wholesaler/distributor with 10,001+ employees
Sep 4, 2022
Right now, we are waiting for improvement in the RBAC support for GitGuardian.
Read full review
Melvin Mohadeb - PeerSpot reviewer
Melvin Mohadeb
Security Engineer at PayFit
Sep 14, 2022
There are some features that are lacking in GitGuardian. The more we grow and the more engineers we have, the more it will become difficult to assign an incident because the assignment is not automatic. I know they are working on that and we are waiting for it.
Read full review
Edvinas Urbasius - PeerSpot reviewer
Edvinas Urbasius
Cybersecurity Consultant at LCG
Nov 9, 2022
For some repositories, there are a lot of incidents. For example, one repository says 255 occurrences, so I assume these are 255 alerts and nobody is doing anything about them. These could be false positives. However, I cannot assess it correctly, because I haven't been closing these false positives myself. From the dashboard, I can see that for some of the repositories, there have been a lot of closing of these occurrences, so I would assume there are a lot of false positives. A ballpark estimate would be 60% being false positives. One of the arguments from the developers against this tool is the number of false positives.
Read full review
Theo Cusnir - PeerSpot reviewer
Theo Cusnir
Application Security Engineer at PayFit
Sep 14, 2022
I would like to see improvement in some of the user interface features... When one secret is leaked in multiple files or multiple repositories, it will appear on the dashboard. But when you click on that secret, all the occurrences will appear on the page. It would be better to have one secret per occurrence, directly, so that we don't have to click to get to the list of all the occurrences.
Read full review
Show 10 more reviews (out of 30)

Product Categories

Product Categories
Non-Human Identity Management (NHIM)
Application Security Tools
Static Application Security Testing (SAST)
Data Loss Prevention (DLP)
Threat Intelligence Platforms (TIP)
Software Supply Chain Security
DevSecOps

Popular Comparisons

Popular Comparisons
SonarQube vs GitGuardian Platform Logo
SonarQube vs GitGuardian Platform
Snyk vs GitGuardian Platform Logo
Snyk vs GitGuardian Platform
GitLab vs GitGuardian Platform Logo
GitLab vs GitGuardian Platform
Checkmarx One vs GitGuardian Platform Logo
Checkmarx One vs GitGuardian Platform
Veracode vs GitGuardian Platform Logo
Veracode vs GitGuardian Platform
Coverity Static vs GitGuardian Platform Logo
Coverity Static vs GitGuardian Platform
CrowdStrike Falcon Cloud Security vs GitGuardian Platform Logo
CrowdStrike Falcon Cloud Security vs GitGuardian Platform
GitHub Advanced Security vs GitGuardian Platform Logo
GitHub Advanced Security vs GitGuardian Platform
Microsoft Purview Data Loss Prevention vs GitGuardian Platform Logo
Microsoft Purview Data Loss Prevention vs GitGuardian Platform
OWASP Zap vs GitGuardian Platform Logo
OWASP Zap vs GitGuardian Platform
OpenText Core Application Security vs GitGuardian Platform Logo
OpenText Core Application Security vs GitGuardian Platform
Mend.io vs GitGuardian Platform Logo
Mend.io vs GitGuardian Platform
Acunetix vs GitGuardian Platform Logo
Acunetix vs GitGuardian Platform
Sonatype Lifecycle vs GitGuardian Platform Logo
Sonatype Lifecycle vs GitGuardian Platform
PortSwigger Burp Suite Professional vs GitGuardian Platform Logo
PortSwigger Burp Suite Professional vs GitGuardian Platform
See all alternatives

Product Categories

Product Categories
Non-Human Identity Management (NHIM)
Application Security Tools
Static Application Security Testing (SAST)
Data Loss Prevention (DLP)
Threat Intelligence Platforms (TIP)
Software Supply Chain Security
DevSecOps

Popular Comparisons

Popular Comparisons
SonarQube vs GitGuardian Platform Logo
SonarQube vs GitGuardian Platform
Snyk vs GitGuardian Platform Logo
Snyk vs GitGuardian Platform
GitLab vs GitGuardian Platform Logo
GitLab vs GitGuardian Platform
Checkmarx One vs GitGuardian Platform Logo
Checkmarx One vs GitGuardian Platform
Veracode vs GitGuardian Platform Logo
Veracode vs GitGuardian Platform
Coverity Static vs GitGuardian Platform Logo
Coverity Static vs GitGuardian Platform
CrowdStrike Falcon Cloud Security vs GitGuardian Platform Logo
CrowdStrike Falcon Cloud Security vs GitGuardian Platform
GitHub Advanced Security vs GitGuardian Platform Logo
GitHub Advanced Security vs GitGuardian Platform
Microsoft Purview Data Loss Prevention vs GitGuardian Platform Logo
Microsoft Purview Data Loss Prevention vs GitGuardian Platform
OWASP Zap vs GitGuardian Platform Logo
OWASP Zap vs GitGuardian Platform
OpenText Core Application Security vs GitGuardian Platform Logo
OpenText Core Application Security vs GitGuardian Platform
Mend.io vs GitGuardian Platform Logo
Mend.io vs GitGuardian Platform
Acunetix vs GitGuardian Platform Logo
Acunetix vs GitGuardian Platform
Sonatype Lifecycle vs GitGuardian Platform Logo
Sonatype Lifecycle vs GitGuardian Platform
PortSwigger Burp Suite Professional vs GitGuardian Platform Logo
PortSwigger Burp Suite Professional vs GitGuardian Platform
See all alternatives
Related questions
  • 15
When evaluating Non-Human Identity Management (NHIM), what aspect do you think is the most important to look for?
  • 10
Why is Non-Human Identity Management (NHIM) important for companies?