We performed a comparison between GitGuardian Platform and Microsoft Purview Data Loss Prevention based on real PeerSpot user reviews.
Find out in this report how the two Data Loss Prevention (DLP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's also worth mentioning that GitGuardian is unique because they have a free tier that we've been using for the first twelve months. It provides full functionality for smaller teams. We're a smaller company and have never changed in size, but we got to the point where we felt the service brought us value, and we want to pay for it. We also wanted an SLA for technical support and whatnot, so we switched to a paid plan. Without that, they had a super-generous, free tier, and I was immensely impressed with it."
"When they give you a description of what happened, it's really easy to follow and to retest. And the ability to retest is something that you don't have in other solutions. If a secret was detected, you can retest if it is still there. It will show you if it is in the history."
"We have definitely seen a return on investment when it finds things that are real. We have caught a couple things before they made it to production, and had they made it to production, that would have been dangerous."
"The most valuable feature is the alerts when secrets are leaked and we can look at particular repositories to see if there are any outstanding problems. In addition, the solution's detection capabilities seem very broad. We have no concerns there."
"You can also assign tasks to specific teams or people to complete, such as assigning something to the "blue team" or saying that this person needs to do this, and that person needs to do that. That is a great feature because you can actually manage your team internally in GitGuardian."
"GitGuardian has pretty broad detection capabilities. It covers all of the types of secrets that we've been interested in... [Yet] The "detector" concept, which identifies particular categories or types of secrets, allows an organization to tweak and tailor the configuration for things that are specific to its environment. This is highly useful if you're particularly worried about a certain type of secret and it can help focus attention, as part of early remediation efforts."
"It actually creates an incident ticket for us. We can now go end-to-end after a secret has been identified, to track down who owns the repository and who is responsible for cleaning it up."
"What is particularly helpful is that having GitGuardian show that the code failed a check enables us to automatically pass the resolution to the author. We don't have to rely on the reviewer to assign it back to him or her. Letting the authors solve their own problems before they get to the reviewer has significantly improved visibility and reduced the remediation time from multiple days to minutes or hours. Given how time-consuming code reviews can be, it saves some of our more scarce resources."
"One of the valuable features of Purview is the ability to create a legal hold on a user's account within the compliance portal. That's pretty useful when it comes to any litigation or if you want to redeem the content within a mailbox, OneDrive, or a generic public SharePoint site."
"The most valuable features are identifying sensitive data and issuing alerts."
"The product is easy to configure."
"Microsoft Purview Data Loss Prevention's responses are faster. Its installation is also reliable. The security score helps with the security part."
"I rate Microsoft Purview Data Loss Prevention's stability a ten out of ten."
"For Purview's natively integrated compliance across Azure, Dynamics 365, and Office 365, I would give it a 10 out of 10. It provides all the insights and information."
"The product can block the uploads to cloud services."
"It has helped our clients to reduce the time to action on insider threats because it can be integrated."
"There is room for improvement in its integration for bug-tracking. It should be more direct. They have invested a lot in user management, but they need to invest in integrations. That is a real lack."
"It would be nice if they supported detecting PII or had some kind of data loss prevention feature."
"For some repositories, there are a lot of incidents. For example, one repository says 255 occurrences, so I assume these are 255 alerts and nobody is doing anything about them. These could be false positives. However, I cannot assess it correctly, because I haven't been closing these false positives myself. From the dashboard, I can see that for some of the repositories, there have been a lot of closing of these occurrences, so I would assume there are a lot of false positives. A ballpark estimate would be 60% being false positives. One of the arguments from the developers against this tool is the number of false positives."
"The purchasing process is convoluted compared to Snyk, the other tool we use. It's like night and day because you only need to punch in your credit card, and you're set. With GitGuardian, getting a quote took two or three weeks. We paid for it in December but have not settled that payment yet."
"The main thing for me is the customization for some of the healthcare-specific identifiers that we want to validate. There should be some ability, which is coming in the near future, to have custom identifiers. Being in healthcare, we have pretty specific patterns that we need to match for PHI or PII. Having that would add a little bit extra to it."
"It could be easier. They have a CLI tool that engineers can run on their laptops, but getting engineers to install the tool is a manual process. I would like to see them have it integrated into one of those developer tools, e.g., VS Code or JetBrains, so developers don't have to think about it."
"One improvement that I'd like to see is a cleaner for Splunk logs. It would be nice to have a middle man for anything we send or receive from Splunk forwarders. I'd love to see it get cleaned by GitGuardian or caught to make sure we don't have any secrets getting committed to Splunk logs."
"They could give a developer access to a dashboard for their team's repositories that just shows their repository secrets. I think more could be exposed to developers."
"Microsoft Purview Data Loss Prevention's licensing is expensive."
"There is no AIP for Linux systems. That's a setback. Another thing it's lacking is libraries to work with Python. It has libraries for C# and C++, for example, but not for Python and, these days, Python is very useful."
"The AI advancements can improve the false positives."
"A site can have different containers where you store data. We have always wanted to apply compliance, labels, and policies at the container level, rather than to an outer shell or at the site level. That is something we have been looking forward to and I believe Microsoft is already planning something like that."
"There is a lot of ambiguity when you are setting up labels, such as sensitive information labels. It is a little daunting at first if you don't have prior knowledge, and there is a little bit of a learning curve for setting up the labels. Some of the setup wizards could be more helpful from an AI perspective. They can streamline the setup through more AI technologies so that you don't have to jump through so many hoops and different menus and dropdowns. It would be useful to have a setup wizard that is more hands-off and engaging for setting up the information type labels. If you tell them this is what we're trying to protect, it should basically start to lead you down that path of best practices. Such a feature would be great."
"There is a need for improvements, particularly in ensuring that file-based recognition is more reliable and comprehensive."
"The scalability, in terms of the portal, could be more user-friendly. Sometimes I have faced difficulties in identifying the options."
"I would like Microsoft Purview Data Loss Prevention to be on the source code or SQL databases. It is difficult to do classification and labeling when you have a third-party source code or a third-party Oracle database. It is seamless when it comes to Microsoft documents but is not so with third-party source codes. Microsoft needs to work on it a little bit more."
More Microsoft Purview Data Loss Prevention Pricing and Cost Advice →
GitGuardian Platform is ranked 6th in Data Loss Prevention (DLP) with 24 reviews while Microsoft Purview Data Loss Prevention is ranked 1st in Data Loss Prevention (DLP) with 13 reviews. GitGuardian Platform is rated 9.0, while Microsoft Purview Data Loss Prevention is rated 8.0. The top reviewer of GitGuardian Platform writes "It dramatically improved our ability to detect secrets, saved us time, and reduced our mean time to remediation". On the other hand, the top reviewer of Microsoft Purview Data Loss Prevention writes "Automation has given us consistent analytics and improved quality of insights into user activity". GitGuardian Platform is most compared with SonarQube, GitHub Advanced Security, Cycode, Snyk and Veracode, whereas Microsoft Purview Data Loss Prevention is most compared with Symantec Data Loss Prevention, Forcepoint Data Loss Prevention, Amazon Macie, Microsoft Intune and Zscaler DLP. See our GitGuardian Platform vs. Microsoft Purview Data Loss Prevention report.
See our list of best Data Loss Prevention (DLP) vendors.
We monitor all Data Loss Prevention (DLP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
