What is our primary use case?
The GitGuardian Platform is primarily used for dependency checks within our development process. This allows us to create a catalog of all dependencies used throughout our code repositories.
How has it helped my organization?
We've been impressed with the detection capabilities of the GitGuardian Platform. In fact, it's performing very well compared to other solutions we've evaluated that meet FDA compliance standards. To this end, we're currently in the midst of a trial period with GitGuardian to further assess its effectiveness for our needs.
What is most valuable?
The most valuable feature is its ability to automate both downloading the repository and generating a Software Bill of Materials directly from it. This allows us to efficiently obtain the complete SBOM, including all dependencies, for either a new repository or a previously selected one.
What needs improvement?
One of our current challenges is that the GitGuardian platform identifies encrypted secrets and statements as sensitive information even though they're secured. This leads to unnecessary incidents being flagged, causing problems for our workflow. To address this, a context-based secret scanning feature would be a valuable improvement. This functionality would allow the platform to understand the context of the data before flagging it as a secret, reducing the number of false positives.
For how long have I used the solution?
I have been using the GitGuardian Platform for six months.
What do I think about the stability of the solution?
I would rate the stability of the GitGuardian Platform ten out of ten.
What do I think about the scalability of the solution?
GitGuardian meets our scaling needs.
How are customer service and support?
I'm impressed with the technical support team. We have bi-weekly meetings where we discuss any issues, and whenever I need something, I've received a response within a few hours.
Which other solutions did I evaluate?
In addition to GitGuardian Platform, we are also evaluating GitHub Dependabot and Snyk. One of the key features that impressed us with GitGuardian Platform is its ability to automatically create incidents for security vulnerabilities. This is particularly helpful because it allows us to prioritize these incidents based on their CVSS score, ensuring we address the most critical issues first.
What other advice do I have?
I would rate the GitGuardian Platform nine out of ten.