Gartner®: Avoid Mobile Application Security Pitfalls
3
GitGuardian’s automated secrets detection and remediation integrates security into your DevOps lifecycle. Plug GitGuardian into GitLab and enforce security policies across all your source code repositories and CI pipelines.
Developers
Set up pre-commit Git hooks and catch hardcoded secrets before you push your work.
SECURITY TEAMS
Act on high-fidelity alerts and empower your developers to remediate their own incidents.
Devops & sres
Harden your CI/CD pipelines with automated secrets scanning and never deploy a secret again.
GitGuardian
GitLab Secret Detection
GitGuardian
GitLab Secret Detection
✅ %ndet%+ types of secrets supported with high accuracy level provided by the ability to check the validity of some type of keys before raising an alert
✅ 90 types of secrets based on the rulesets and key types of the open-source tool GitLeaks.
✅ Validity checks.
✅ IaC scanning.
✅ 22 sensitive filenames detected (ex: id_rsa, .env)
✅ 14 file extensions detected (ex: .key, .cert)
✅ Enforce the presence of .gitignore files
❌ No sensitive file names are detected.
❌ No sensitive file extensions are detected.
← swipe left
GitGuardian
GitLab Secret Detection
✅ Supported through GitGuardian CLI app "ggshield", for teams fully embracing Shift Left | Works for Pre-commit, Pre-push, Pre-receive
✅ Supported via customization.
✅ Yes, scanning covers Dockerfile, build arguments, and the image's layers' filesystem
❌ Not supported.
✅ Yes, runs with GitHub Actions, GitLab pipelines, Bitbucket pipelines, Azure pipelines, Jenkins CI, Circle CI, Drone CI, and Travis CI
🟠 Limited to GitLab pipelines.
✅ Yes, runs with GitHub, GitLab, Bitbucket
🟠 Yes, limited to GitLab
← swipe left
GitGuardian
GitLab Secret Detection
✅ Developers can get access to incidents via the GitGuardian dashboard or via a link to an external page to view incident details, fill a feedback form and remediate the incident on their own.
✅ Developers can view pipelines’ security tab and reports in the merge request widget.
🟠 Only available with the GitLab Ultimate plan.
✅ Rich UI/centralized dashboard for Security and Incident Response teams.
✅ Results can be displayed in your GitLab Security Dashboard (see here).
✅ JSON reports for all vulnerabilities are also available.
🟠 Only available with the GitLab Ultimate plan.
✅ Yes, the available roles "Workspace Owner", "Manager" (admin), "Member" and "Restricted" are designed for fine-grained access control down to the occurrence level.
❌ No dedicated roles for Security Engineers.
← swipe left
.png)
(Vue attr) Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
GitGuardian is the code security platform for the DevOps generation.
With automated secrets detection and remediation, our platform enables Dev, Sec, and Ops to advance together towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
