GitGuardian Reviews (272)

Reviews

GitGuardian Reviews (272)

4.8
272 reviews

What do users say?

Generated using AI from real user reviews
Users consistently praise the real-time detection of sensitive data leaks, highlighting how it provides timely alerts that help prevent security breaches. The intuitive interface and seamless integration with GitHub make it easy for developers to manage incidents effectively. However, some users note that the volume of alerts can be overwhelming, especially for larger projects.

Pros & Cons

Generated from real user reviews
View All Pros and Cons
Search reviews
Filter Reviews
Clear Results
G2 reviews are authentic and verified.
Mihir R.
MR
Mihir R.
Founder & CEO
Small-Business (50 or fewer emp.)
"Effortless Secret Detection with GitGuardian"
5/5
What do you like best about GitGuardian?

I primarily use GitGuardian to detect exposed secrets and credentials in our git repositories during development. It helps us catch accidentally committed API keys, tokens, and other sensitive information before they become security incidents. We also use it to mitigate the risk of credential leaks and ensure repositories remain compliant with security best practices. The alerts are actionable, making it easy for us to act fast on affected files and rotate compromised secrets quickly when needed. It's very easy to use and set up, detects exposed secrets quickly, and provides clear, actionable alerts. It fits seamlessly into our development workflow without slowing us down. The initial setup was very easy, and I use GitGuardian with GitHub as part of our development workflow, along with our CI/CD pipeline, to catch exposed secrets early and respond to alerts quickly. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

The only thing I would like to see improved is reducing occasional false positives like local development mode defaults and default dummy test credentials and providing more repo-specific customizations for alert rules. More granular filtering options would help teams more. Review collected by and hosted on G2.com.

Yiranubari M.
YM
Yiranubari M.
Back End Developer
Small-Business (50 or fewer emp.)
"Fantastic Automated Secrets Scanning That Integrates Seamlessly"
4/5
What do you like best about GitGuardian?

GitGuardian’s automated secrets scanning is fantastic. It integrates smoothly with my version control system and alerts me right away if any sensitive credentials or API keys are accidentally committed. It’s very easy to use and adds a critical layer of security to my codebase, giving me more confidence that nothing slips through. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

Overall, I honestly don’t dislike anything about GitGuardian. On a lighter note, though, every time I get one of those warning emails from GitGuardian, my heart skips a beat—lol. Review collected by and hosted on G2.com.

Verified User in Computer Software
UC
Verified User in Computer Software
Small-Business (50 or fewer emp.)
"Weekly Repo Insights with Helpful Fix Suggestions"
5/5
What do you like best about GitGuardian?

This service sends weekly emails about your repos where you’ve configured it. It also includes a probable fix if it finds any kind of malfunction anywhere in the repo. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

Sometimes it catches errors that aren’t really that serious, but it also catches things that I don’t expect or can’t predict. I think that, as a service-based model, it should be more precise when tracking the severity of an error. Review collected by and hosted on G2.com.

אלי .
א
אלי .
Product Developer
Small-Business (50 or fewer emp.)
"Clear, Descriptive UI That Makes Incident Management Easy"
5/5
What do you like best about GitGuardian?

I liked most the clear and descriptive UI, where you see the incident type, the full code with the highlighted relevant characters, and a CTA panel that allows you to manage it properly. A great and important work, thank you all, guys! Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

I've no comments about the UI, what I think is recommended is to add a smart AI check that will notice if a secret is actually just a placeholder. Most of the incidents I got was this kind of secrets. Review collected by and hosted on G2.com.

Ashish P.
AP
Ashish P.
Architect
Small-Business (50 or fewer emp.)
Business partner of the seller or seller's competitor, not included in G2 scores.
"Automatically Scans Repos and Clearly Flags Security Risks"
4.5/5
What do you like best about GitGuardian?

It automatically scans our repositories for security risks and clearly tells us where the issues are. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

Sometimes it flags an issue when there isn’t actually one, and other times it passes even when the issue really exists. For example, if I use the keyword "Password" but I’m not using any credentials there, it still shows an issue. However, when I change the key/password that’s actually being used to something like "p_char", it passes it. Review collected by and hosted on G2.com.

Verified User in Pharmaceuticals
AP
Verified User in Pharmaceuticals
Small-Business (50 or fewer emp.)
"Caught real secrets hiding in our Git history"
4.5/5
What do you like best about GitGuardian?

What I like best is the secret detection across our Git history. When we ran a historical scan on one of our repositories it surfaced real exposed credentials we had no idea were sitting in the commit history. The alerts are clear and actionable, which made planning the remediation (rotating the secrets and rewriting the Git history) much easier. Onboarding a repo was quick and the scan reports are easy to share with the rest of the dev team. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

Remediating secrets that are already committed to history still takes manual work on our side (rotating the credential and rewriting the Git history), which can be intimidating for smaller teams. I'd love even more guided or partly automated remediation steps directly from the dashboard. The volume of alerts can also feel like a lot at first until you tune what matters. Review collected by and hosted on G2.com.

Juan Jose M.
JM
Juan Jose M.
Frontend Software Engineer
Small-Business (50 or fewer emp.)
"Caught a Real Secret in a Real Project, Fast and Developer-Friendly"
5/5
What do you like best about GitGuardian?

this week it literally saved me from committing a real secret in a small personal Python project. It caught the credential immediately and showed me exactly where it was and how to rotate it. That kind of fast feedback is the main value: it scans commits and PRs in real time, integrates cleanly with GitHub, and gives actionable remediation steps instead of just raising an alarm. It’s very developer-friendly and doesn’t slow down your workflow Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

initial tuning takes some time to reduce false positives and configure ignore rules for non-sensitive test data. Some advanced reporting and bulk management features could be more streamlined in the UI Review collected by and hosted on G2.com.

Akshat K.
AK
Akshat K.
Freelance Developer
Small-Business (50 or fewer emp.)
"Accurate Secret Detection with Seamless GitHub Integration"
4.5/5
What do you like best about GitGuardian?

it is very easy to implement and does not require heavy configuration to start delivering value. The onboarding process is straightforward, and integrations with GitHub and CI/CD pipelines work smoothly, allowing teams to get up and running quickly. I use GG frequently as part of daily development and code review workflows, and it fits naturally without slowing anyone down.

Customer support has been responsive and helpful whenever clarification or guidance was needed, especially during initial setup and alert tuning. The accuracy of secret detection, combined with clear alerts and remediation guidance, makes it a practical security tool that developers actually trust and consistently use. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

The pricing may seem somewhat steep for smaller teams or early-stage startups, particularly when expanding usage to multiple repositories. At first, some alerts might need to be adjusted to minimize unnecessary notifications, which involves a bit of a learning curve. Furthermore, the advanced features and options for policy customization could offer greater flexibility, especially for organizations that have highly specific internal security processes. Review collected by and hosted on G2.com.

Cristopher B.
CB
Cristopher B.
Freelance Developer
Small-Business (50 or fewer emp.)
"Quick, Helpful Secret Incident Alerts with an Easy-to-Understand UI"
5/5
What do you like best about GitGuardian?

The Secret internal incidents notification is quick and helpful, and the UI is easy to understand if you have experience with similar tools. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

Honestly, I haven’t had any inconveniences. I use GitGuardian to get quick reports when a secret is public, and for that it’s been incredible. Review collected by and hosted on G2.com.

Dirk S.
DS
Dirk S.
Software Developer
Small-Business (50 or fewer emp.)
"GitGuardian reliably detects secret data in commits"
5/5
What do you like best about GitGuardian?

How quickly it happens in everyday life that one overlooks a password or other "secret data" in a commit. It's good that GitGuardian alerts you when the commit is also pushed. Review collected by and hosted on G2.com.

What do you dislike about GitGuardian?

I have not noticed any disadvantages of GitGuardian yet. Review collected by and hosted on G2.com.