Igor Klyashchitskiy, Director of Development and his team have been using GitGuardian tools for 3 years to minimize the possibility of security violations that they could not find without automated secret detection. PeerSpot has interviewed him and written an objective and detailed review.
Igor really sees GitGuardian Internal Monitoring as a support to their shift left strategy:
“It gives us the ability to provide more information, and earlier, to development. That means when the time comes for releases, the code is clean from a security standpoint.”
“Another benefit is that the speed of remediation has been significantly improved because we get notification immediately, as issues are detected, very close to the check-in time.”
“It also gives us more visibility and helps to create awareness about security in our code.”
He also expresses how it participates in the overall security of the software supply chain:
“We have seen ROI because GitGuardian has found some secrets that were checked in as part of the code and it helped us to prevent an area of possible attack on our corporate network and resources. In the same way, it protects our customers. “
His advice to security practitioners is the following:
“Secrets detection is one of the top-five priorities in a security program for any development. It defends the company's interests and secrets. If a colleague in security at another company were to tell me that secrets detection isn't a priority, I would tell him I highly recommend this product.”
And as for GitGuardian performances:
“Issues are detected pretty quickly. The tool, from an administration standpoint, is very easy to support, and it has good audit-log visibility. GitGuardian has superior functionality when it comes to detection.”
So try it today! And remember if you are an individual developer or part of a small team, it is free!
Sign up to GitGuardian with GitHub