Within Application Security (AppSec) there is a lot of hype around bringing development teams and security teams together, usually under catchy terms like DevSecOps. The concept is a good one, but outside of catchy phrases and conference presentations, the reality of bringing these teams together is difficult.
GitGuardian's “Dev in the loop” is another step towards bringing this into reality with a practical feature that improves the workflow of remediating a secret incident between developers and security teams.
What does Dev in the loop actually do?
When a secret is leaked, internally or publicly, the first port of call for security teams should be to consult the developer responsible and find out vital information such as:
- Is this a test key?
- What does it provide access to?
- Does this affect production or staging environments?
Previously security teams using GitGuardian would:
- See the leak and identify the developer
- Contact the developer via external communication
- Ask for feedback on the leak
- Report back the developer's feedback
- Take action to remediate the issue with the developer
- Confirm appropriate remediation has been achieved
Dealing with a security incident can be a very time-sensitive matter, and communication with development teams, while crucial, can extend the remediation process and create friction between departments. This is especially true when security teams are flooded with alerts from various tools that all need to be investigated. Now, using the “Dev in the loop” feature, the communication process with the developer can be streamlined by literally making the developer part of the security and remediation process.
Dev in the loop workflow
- After an incident, GitGuardian creates an expirable page that can be sent to the developer manually (or automatically for Business users).
- The GitGuardian user can even decide if the developers can resolve the incident themselves
- Developer answers automatically generated questions
- Developer responses are collected in the GitGuardian dashboard for the security team to respond and take action
Because the developer is brought into the remediation process quickly, incidents can be resolved immediately. Developers who are not GitGuardian dashboard users are also able to mark an incident as resolved, so the security team only needs to review the situation.
How to use Dev in the loop
- To view the feature, navigate to the incident page and select an incident.
- See the section labeled “SHARING”
- Copy the link provided and email it to the responsible developer via external communication
- If using internal monitoring, decide if you want the developer to be able to resolve this issue themselves or not
- Review feedback from the GitGuardian Dashboard
To get a demo of this feature, please reach out to the sales team to schedule a call.