We performed a comparison between GitGuardian Platform and GitHub Advanced Security based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like GitGuardian's instant response. When you have an incident, it's reported immediately. The interface gives you a great overview of your current leaked secrets."
"There is quite a lot to like. Its user interface is fantastic, and being able to sort the incidents by whether they are valid or for a certain repository or a certain user has been very beneficial in helping investigate what has been found."
"It's also worth mentioning that GitGuardian is unique because they have a free tier that we've been using for the first twelve months. It provides full functionality for smaller teams. We're a smaller company and have never changed in size, but we got to the point where we felt the service brought us value, and we want to pay for it. We also wanted an SLA for technical support and whatnot, so we switched to a paid plan. Without that, they had a super-generous, free tier, and I was immensely impressed with it."
"The most valuable feature is the general incident reporting system."
"We have definitely seen a return on investment when it finds things that are real. We have caught a couple things before they made it to production, and had they made it to production, that would have been dangerous."
"The most valuable feature of GitGuardian is that it finds tokens and passwords. That's why we need this tool. It minimizes the possibility of security violations that we cannot find on our own."
"The entire GitGuardian solution is valuable. The product is doing its job and showing us many things. We get many false positives, but the ability to automatically display potential leaks when developers commit is valuable. The dashboards show you recent and historical commits, and we have a full scan that shows historical leaked secrets."
"It actually creates an incident ticket for us. We can now go end-to-end after a secret has been identified, to track down who owns the repository and who is responsible for cleaning it up."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"The most valuable is the developer experience and the extensibility of the overall ecosystem."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"Dependency scanning is a valuable feature."
"It could be easier. They have a CLI tool that engineers can run on their laptops, but getting engineers to install the tool is a manual process. I would like to see them have it integrated into one of those developer tools, e.g., VS Code or JetBrains, so developers don't have to think about it."
"There is room for improvement in GitGuardian on Azure DevOps. The implementation is a bit hard there. This is one of the things we requested help with. I would not say their support is not good, but they need them to improve in helping customers on that side."
"It would be nice if they supported detecting PII or had some kind of data loss prevention feature."
"GitGuardian encompasses many secrets that companies might have, but we are a Microsoft-only organization, so there are some limitations there in terms of their honey tokens. I'd like for it to not be limited to Amazon-based tokens. It would be nice to see a broader set of providers that you could pick from."
"There are some features that are lacking in GitGuardian. The more we grow and the more engineers we have, the more it will become difficult to assign an incident because the assignment is not automatic. I know they are working on that and we are waiting for it."
"Automated Jira tickets would be fantastic. At the moment, I believe we have to go in and click to create a Jira ticket. It would be nice to automate."
"Other solutions have a live chat feature that provides instant results. Waiting for an agent to reply to an email is less ideal than an instant conversation with a support employee. That's a complaint so minor I almost hesitate to mention it."
"One improvement that I'd like to see is a cleaner for Splunk logs. It would be nice to have a middle man for anything we send or receive from Splunk forwarders. I'd love to see it get cleaned by GitGuardian or caught to make sure we don't have any secrets getting committed to Splunk logs."
"There could be DST features included in the product."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"The report limitations are the main issue."
"There could be a centralized dashboard to view reports of all the projects on one platform."
"The customizations are a little bit difficult."
"A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial."
GitGuardian Platform is ranked 7th in Application Security Tools with 24 reviews while GitHub Advanced Security is ranked 16th in Application Security Tools with 6 reviews. GitGuardian Platform is rated 9.0, while GitHub Advanced Security is rated 9.0. The top reviewer of GitGuardian Platform writes "It dramatically improved our ability to detect secrets, saved us time, and reduced our mean time to remediation". On the other hand, the top reviewer of GitHub Advanced Security writes "A tool that provides ease of integration with the set of existing codes in an infrastructure". GitGuardian Platform is most compared with SonarQube, Cycode, Snyk, Microsoft Purview Data Loss Prevention and Veracode, whereas GitHub Advanced Security is most compared with SonarQube, Snyk, Veracode, Fortify on Demand and Mend.io. See our GitGuardian Platform vs. GitHub Advanced Security report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.