GitGuardian’s automated secrets detection and remediation integrates security into your DevOps lifecycle. Plug GitGuardian into GitLab and enforce security policies across all your source code repositories and CI pipelines.
Developers
Set up pre-commit Git hooks and catch hardcoded secrets before you push your work.
SECURITY TEAMS
Act on high-fidelity alerts and empower your developers to remediate their own incidents.
Devops & sres
Harden your CI/CD pipelines with automated secrets scanning and never deploy a secret again.
GitGuardian
GitLab Secret Detection
Automated detection
GitGuardian
GitLab Secret Detection
Secrets
%ndet%+ types of secrets supported with high accuracy level provided by the ability to check the validity of some type of keys before raising an alert
90+ secret detection patterns based on the rulesets and key types of open-source tool GitLeaks.
Policies
• 22 sensitive filenames detected (ex: id_rsa, .env)
• 14 file extensions detected (ex: .key, .cert)
• enforce the presence of .gitignore files
Not supported
← swipe left
SDLC stages scanning
GitGuardian
GitLab Secret Detection
Git Hooks
Supported through GitGuardian CLI app "ggshield", for teams fully embracing Shift Left | Works for Pre-commit, Pre-push, Pre-receive
Supported via customization
Docker image scanning
Yes, scanning covers Dockerfile, build arguments, and the image's layers' filesystem
Not supported
CI pipelines
Yes, runs with GitHub Actions, GitLab pipelines, Bitbucket pipelines, Azure pipelines, Jenkins CI, Circle CI, Drone CI, and Travis CI.
Limited to GitLab CI/CD
VCS integration (multi VCS)
Yes, Integrates natively with GitLab, GitHub, and Bitbucket.
No, limited to GitLab
← swipe left
User Interface
GitGuardian
GitLab Secret Detection
Developer and Security collaboration
“Developer in the loop” feature (scoped access to the dashboard for developers), GitGuardian is also compatible with GitLab pipelines via gg-shield
Developers can view pipelines’ security tab and reports in the Merge Request widget. Only available with GitLab Ultimate plan.
User interface/ dashboard
Yes, rich UI with centralized metrics to assess security posture over time and remediation performance.
Limited, through the Security dashboard. Only available with GitLab Ultimate plan.
Roles and permissions
Yes, runs with GitHub Actions, GitLab pipelines, Bitbucket pipelines, Azure pipelines, Jenkins CI, Circle CI, Drone CI, and Travis CI
No dedicated roles for Security Engineers
← swipe left
Understand how GitGuardian compares with GITLAB SECRET DETECTION,
so you can find the best fit for you.