Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
An unintrusive tool that you forget is even there until it saves you a huge headache
What do you like best about the product?
After you 'correct' an issue, it will tell you both whether the issue is still in the repo, but also, rather importantly, whether that secret is still in the git history as well. I cannot stress enough how many times this has saved me from a huge oversite, where a developer has committed some sort of secret, but then only removed it from their next commit.
What do you dislike about the product?
This is super nitpicky, and take it with a grain of salt because I haven't used the API that much as opposed to other features, but the pricing model of the API is not the most clear thing I have ever read.
What problems is the product solving and how is that benefiting you?
GitGuardian is making secret exposure easier to detect, and has a low effort to implement. Productivity is increased because immediately catching secret exposure prevents at leasst 4 other company employees from having to review the situation, so for every instance caught there is a significant time save.
- Leave a Comment |
- Mark review as helpful
Git Gurdian, The Best open source helper.
What do you like best about the product?
I like the way gitgurdian is set up, where it automatically checks for any secrete that have been pushed by mistake. It also checks. it is very quickly which is really handy when creating prs.
What do you dislike about the product?
I don't dislike anything it is very user-friendly and easy to use with clear instructions on how to set it up. I can also see which secretes have been linked meaning I can go and revoke them.
What problems is the product solving and how is that benefiting you?
It is solving one problem that I have a lot of which is accidentally pushing my .env file which contains all my secretes and when I push it by mistake it creates a big problem as I have to change everything. So it really helps with that problem.
Recommendations to others considering the product:
Use it, it is very good and useful and even if you do not need it now, it can still help you. Like if you accidentally upload your file full of secrets and tokens.
We love GitGuardian.
What do you like best about the product?
GitGuardian offers a free service for startups. We love the easy integration in our developer loop to protect from accidentally checking in secrets. The service was super easy to setup.
What do you dislike about the product?
We do not have anything to dislike about GitGuardian 10/10. We have been offered a free subscription as we are a startup with less then 10 developers which makes this the perfect fit to grow.
What problems is the product solving and how is that benefiting you?
GitGuardian protects us from accidentally checking-in secrets into our code base. This helps prevent us from leaking secrets that might be used to compromise our services.
A guardian to my secret commits to GitHub
What do you like best about the product?
It's simple to set up. Even though I was very careful about exposing keys to GitHub, GitGuardian was able to detect those keys and informed me immediately. The website Interface is easy to navigate and explore the list of actions to take.
What do you dislike about the product?
Nothing yet, as I am still new to GitGuardian my experience has been great so far!
What problems is the product solving and how is that benefiting you?
I recently exposed secret access keys to GitHub and the immediate notification from GitGuardian helped me to revoke those access keys immediately.
A brilliant tool to help keep your codebase secret free!
What do you like best about the product?
The user interface is incredibly intuititive - it looks great.
What do you dislike about the product?
In "Permeter" - I always tend to click on the "source" link first, as I instictively think this will take me to open secrets, but it takes me to Github. Not a biggie, and of course I will learn to click on "Secret Incidents", which is the third column(second URL) across in the table so I get to it second.
What problems is the product solving and how is that benefiting you?
Protecting my codebase from being compromised by containing open secrets.
Recommendations to others considering the product:
Why wouldn't you use Git Guardian? Protect your codebase and get real time updates of security risks.
Must have to keep commit safe
What do you like best about the product?
I like the 2 clicks integration into the hot workflow for pull request integrate. Like the fact that got guardian went backward to perform all security check in previous commits at first.
What do you dislike about the product?
Nothing the product meets all requirements.
What problems is the product solving and how is that benefiting you?
Catching security issue/ data leak within public (or private) for repository. This is particularly usefully for certification process (adding to best practices).
Freelance developer new to GitGuardian
What do you like best about the product?
Interface in website. Easy to navigate and provides critical info.
What do you dislike about the product?
Nothing yet. My experience so far (about 2 weeks) has been terrific.
What problems is the product solving and how is that benefiting you?
Helps flag potential issues with the code I post in GitHub
Has saved me from making mistakes at 3am more than once
What do you like best about the product?
GitGuardian is very painless to use, has a simple and intuitive UI, and will tell you specifically where you made a mistake in regards to secrets or exploitable methods.
What do you dislike about the product?
Initial usage can be a bit daunting - there's alot to take in at first, and it is a bit irritating that private collaborative repositories are not under the default plan (although that is understandable)
What problems is the product solving and how is that benefiting you?
When working late hours on code, GitGuardian helps prevent making innocent mistakes, where an IDE might automatically add a configuration file to a branch push that contains a secret.
Detects quite a few secrets already!
What do you like best about the product?
The service is currently actively detecting quite a few keytypes and other secrets, as you can tell from the OWASP WrongSecrets testbed.
What do you dislike about the product?
It does not detect everything yet: I did not get warnings on some of the callbacks (e.g. Slack Webhooks), but i did on many tokens already.
What problems is the product solving and how is that benefiting you?
It helps detecting secrets in code & it can warn out of band by email about which secrets it found. This can greatly help ensuring secrets remain out of code.
Recommendations to others considering the product:
Start with open source tools first and then see how GitGuardian can help you improve your posture!
Easy to Use
What do you like best about the product?
is easy to set up. there are some false positives on config.yaml.dist files that say FOOBAR_APIKEY: "yourKeyHere" but this is hard to check for if it is a false positive, but it lets you declare whether it is or not which is nice.
What do you dislike about the product?
is slow on pre-commit hooks while waiting for it to run, if it ran faster that'd be cool lol
What problems is the product solving and how is that benefiting you?
no issues.
showing 181 - 190