What is GitGuardian?

GitGuardian is a cybersecurity startup that is automating secrets detection and remediation. We are solving the issue of secrets sprawling within organizations, a widespread problem that leads to some secrets ending up in compromised places or in the public space. GitGuardian raised 12M$ in October 2019 and is backed by prominent investors including Scott Chacon, Co-Founder of GitHub, and Solomon Hykes, Founder of Docker. GitGuardian provides two products, GitGuardian Public Monitoring and GitGuardian Internal Repositories Monitoring, that are aimed at securing two distinct perimeters.

What is GitGuardian Public Monitoring?

GitGuardian Public Monitoring scans all public GitHub, at scale, in real-time. The product links developers with their companies, and then monitors these developers wherever they contribute on public GitHub, especially on their personal public repositories. 80% of corporate leaks on GitHub (that is to say leaks that involve corporate or client data) occur on developers’ personal repositories (as opposed to corporate official open source repositories, if any). Companies often don’t know where their developers’ personal repositories are. They don’t have visibility on them, let alone the authority to enforce security measures there. The product comes in the form of a SaaS dashboard used by Incident Response, Threat Intelligence or Application Security teams to find leaked credentials, investigate and remediate quickly.

What is GitGuardian Internal Repositories Monitoring?

GitGuardian Internal Repositories Monitoring scans corporate repositories, private or Open Source (if any). The product is natively integrated with GitHub and GitLab. It includes a ‘secrets detection as a service’ API as well to integrate in your CI pipeline or with Slack or Jira for example to make sure your secrets don’t end up in all the tools your developers use. The product comes in the form of a dashboard used by Application Security teams to detect credentials and collaborate with development and ops teams to remediate quickly. The product is available in SaaS and On Prem.