Sold by: GitGuardian
Vendor Insights
The end-to-end secrets security platform for enterprises. Scan and fix hardcoded secrets in source code, CI/CD pipelines, and productivity tools with GitGuardian code security platform.
Sold by: GitGuardian
Overview
GitGuardian is an end-to-end secrets security platform that empowers software-driven organizations to enhance their Non-Human Identity (NHI) security and comply with industry standards.
With attackers increasingly targeting NHIs, such as service accounts and applications, GitGuardian integrates Secrets Security and Secrets Observability. This dual approach enables the detection of compromised secrets across your dev environments while also managing legitimate secrets and their lifecycle.
The platform supports over 450+ types of secrets, offers public monitoring for leaked data, and deploys honeytokens for added defense
Trusted by over 600,000 developers, GitGuardian is the choice of leading organizations like Snowflake, ING, BASF, and Bouygues Telecom for robust secrets protection.
Highlights
- With Secrets Security, GitGuardian aims to eliminate leaks and sprawl, detecting compromised or misused secrets across both public and internal environments. This foundation of NHI security is strengthened by monitoring for incidents, policy violations, and illegitimate use of secrets.
- GitGuardian's Secrets Detection tackles internal secrets sprawl by identifying sensitive data in source code and productivity tools. The platform supports over 450 types of secrets, including API keys, private keys, and database credentials. With a robust policy engine, security teams can enforce rules across major Version Control Systems ( like GitHub, GitLab, BitBucket, and Azure DevOps, CI/CD tools such as Jenkins, Travis CI as well as tools like Slack, Jira, container registries, and more.
- To expand visibility beyond internal systems, GitGuardian Public Monitoring scans public GitHub repositories, detecting sensitive information in both organizational and developers' personal repos. This is crucial, as 80% of corporate secrets leaked on public GitHub stem from personal accounts.
Details
Sold by
Delivery method
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(2)
SOC2
GDPR
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Dimension | Description | Cost/12 months |
|---|---|---|
25 developers | Business Plan, per 25 contributing developers (annual contract) | $5,500.00 |
Vendor refund policy
Please contact sales@gitguardian.com to learn more about GitGuardian's refund policy.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Explore our guides to use the GitGuardian Platform https://docs.gitguardian.com or submit a support request at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Dotnet-Ubuntu20.04LTS with maintenance support by Apps4Rent
By Apps4rent LLC
This product has charges associated with it for technical support and maintenance provided by Apps4Rent. The usage charges are USD 0.01/hour.
ClimateTracker Climate-related Disclosures - Aotearoa NZ CS 1-3
By ClimateTracker
ClimateTracker provides intelligent AI Climate Disclosure reporting tools that guide organisations through changing climate standards, help make impactful climate decisions and reduce compliance costs
Tailscale is a programmable networking software built on the WireGuard® protocol that ensures seamless connectivity, control, and end-to-end security between any resource on any infrastructure.
Customer reviews
Computer Software
Beginner friendly
Reviewed on Oct 07, 2024
Review provided by G2
What do you like best about the product?
As a novice, I stumbled upon GitGuardian and utilized it to protect sensitive data, particularly API keys and credentials, from accidental exposure. The tool continuously scans all repositories, including those that are private, in real time, which has been a source of confidence for me. The application is very user-friendly, and alarm bells are raised instantly when any threat is detected. I also appreciate that it does not interrupt my workflow, but rather enhances it by managing to integrate itself within my Git operations so that I devote more time towards coding rather than worrying about managing secrets. Customer support immediately responds with a valid mail about user having lost their confidential information online. This creates ease of implementation for a new member to the github community understanding what to and what not to disclose online. GitGuardian automatically gets active when a potential confidential information is leaked, making it the best among all other security methods. And no matter how many times does somebody repeat a mistake, GitGuardian always has their back which although makes frequency of use more but in the longer run teaches the end user something new each time.
What do you dislike about the product?
GitGuardian has many great functionalities for its users, but one drawback that I found is that some alerts tend to be over sensitive making them pick harmless things that do not require any action. This may be overwhelming especially for the newbie users, who are not yet clear with what a real threat entails. Furthermore, the usability of the software could be enhanced by making alert navigation as well as management easier. Nonetheless, these aspects are only a small fraction compared to the overall functionality commercialized, overall this creates easy environment for learners to protect their data whatsoever reevaluating confidential stuff.
What problems is the product solving and how is that benefiting you?
Anything related to keeping possibly confidential things private, if accidentally leaked on github, is taken care by gitguardian. This in itself is a huge feature.
Leave a comment0 comments
Oliver K.
Good advice on security issues concerning passwords etc.
Reviewed on Sep 22, 2024
Review provided by G2
What do you like best about the product?
Very quick response to issues on GitHub projects.
Detailed explanation of the issue.
Detailed explanation of the issue.
What do you dislike about the product?
Soometimes I think, GitGuardian is not right.
E.g. some infomation is stored in .env files, like passwords or STMP access. This is often not wrong in my mind.
E.g. some infomation is stored in .env files, like passwords or STMP access. This is often not wrong in my mind.
What problems is the product solving and how is that benefiting you?
At the moment, G2 is helping to show potential issues, however most of the time, I considered that as not a high risk issue.
PRATYUSH S.
Essential Tool for Detecting Security Risks in Codebases
Reviewed on Sep 08, 2024
Review provided by G2
What do you like best about the product?
GitGuardian is excellent at detecting sensitive information, such as API keys and credentials, in real-time across repositories. It integrates seamlessly with platforms like GitHub and provides timely alerts, which makes securing codebases easy and efficient. The dashboard is intuitive and helps track potential vulnerabilities effectively.
What do you dislike about the product?
The main downside is that the frequent alerts can sometimes feel overwhelming, especially for large projects with many contributors. More fine-tuned control over alert settings could help reduce noise without compromising security.
What problems is the product solving and how is that benefiting you?
GitGuardian helps us prevent sensitive data leaks by automatically scanning for exposed secrets such as API keys, credentials, and tokens in our repositories. This has significantly reduced the risk of security breaches and ensures compliance with security best practices, making our codebase much more secure. It saves us time by automating the process and provides peace of mind knowing that potential vulnerabilities are detected early.
Online Media
Detecting secret keys as fast at scale
Reviewed on Aug 30, 2024
Review provided by G2
What do you like best about the product?
When i pushed the secret keys or there is an threat in code able to detecting and making noise in my mail box 😉
What do you dislike about the product?
As i think in it.
Nothing as of now.
Nothing as of now.
What problems is the product solving and how is that benefiting you?
If there an threat or vulnerable or secret keys in my code, able to detecting it smootly.
Dimitar N.
It has caught many secrets I accidentally leaked. And seems to be quite good in monitoring them.
Reviewed on Aug 30, 2024
Review provided by G2
What do you like best about the product?
That it works very fast and it notifies me adequately
What do you dislike about the product?
Could give a false sense of security if it does miss some kind of secret
What problems is the product solving and how is that benefiting you?
I think it's self explanatory