I use GitGuardian Platform to ensure that there are no secrets committed, such as hardcoded values, database credentials, API keys, or any secrets that could be exposed to external users of our application. To maintain security and data accuracy, confidential data should not be shared with other platforms. GitGuardian Platform checks our local code first, then it passes through our CI/CD pipeline as well. When we push code to GitHub, it scans and sends a report via Gmail, so we have to fix those security vulnerabilities.
We initially integrated GitGuardian Public Monitoring into our organization in 2023 into our GitHub repository. We implemented it because we did not want our secret credentials to be exposed to the internet or to a third party such as GitHub. It flags when credentials have been exposed so we can remediate and fix them. GitGuardian Public Monitoring was what my tech lead suggested we use, and we had to incorporate it into our repositories. We use the public monitoring version.
We use it to detect if our engineers are leaking secrets on public GitHub repositories. If any Payfit employee is leaking secrets in their own repositories or in the Payfit repositories, they will be flagged by either the GitGuardian internal solution or the public one.
GitGuardian is a comprehensive platform focused on enhancing Non-Human Identity security by integrating Secrets Security and Secrets Observability to detect and manage secrets across development environments.
As cybersecurity threats increasingly target NHIs like service accounts and applications, GitGuardian offers a robust solution by supporting over 450 types of secrets and deploying honeytokens for additional defense. Trusted by leading organizations and developers, its monitoring and...
We use GitGuardian Public Monitoring for code that is exposed in public.