Code security solutions

Loved by developers, trusted by security

GitGuardian Labs projects bring our latest innovations in code security to your fingertips

Why GitGuardian Labs

The adoption of new frameworks and architectures, the rise of the DevOps discipline with automation, infrastructure-as-code, and CI/CD systems, and the over-reliance on open-source and third-party services are all hallmarks of a new era in software development and delivery.

By now, the benefits are known to everyone in the industry: a faster time-to-market, increased developer productivity (and happiness), and overall more satisfied customers. What is less understood, however, is the reshaping of organizations’ attack surfaces and the creation of new opportunities and avenues for attackers.

GitGuardian Labs' mission is to explore the threats of today and tomorrow in the areas of code and software supply chain security and offer easy-to-use solutions for developers and security professionals alike. We’re constantly exploring new vulnerabilities and adapting ourselves to an ever-changing threat landscape – where the SDLC is becoming the new Eldorado for attackers.

Eric Fourrier
CEO & cofounder at GitGuardian

Our projects

So far, 5 projects have hatched in the owl’s nest: The Good Samaritan, ggshield, ggcanary, SaaS Sentinel and the latest, Has My Secret Leaked.
Stay tuned for more projects coming!

Secrets are all over the place

Securing secrets is hard. API tokens, cloud credentials, and database URLs have a bad habit of getting exposed anywhere and everywhere. And let's not forget those leaks tend to happen when your security teams least expect them, usually during “out of office hours” and in assets you don’t own.

GitGuardian has been actively tackling this problem since 2017, and in 2024 we unveiled HasMySecretLeaked, a free toolset to help security and DevOps teams verify if their organization’s secrets have leaked on public repositories, gists, and issues on GitHub projects.

Making GitHub a safer space for every developer

Since late 2017, we have been watching over more than 40 million developers’ shoulders. Whenever they leaked a secret on public GitHub repositories, we made it our duty to notify them on time so they can take action.

In 2022, we found 10 million occurrences of secrets hiding in more than a billion public commits and alerted more than a million developers. See what they have to say about us.

Finding hardcoded secrets hidden deep in Docker images

Secrets are found in nearly every place: source code, build logs, infra-as-code, etc. Docker images are no exception: we have scanned more than 2,000 images on Docker Hub and found exposed secrets in about 7% of the total! That’s when we knew we had to release our Docker image scanning utility to the public.

With ggshield, the GitGuardian CLI, developers and security engineers can now run deep scans on any Docker image's creation process (Dockerfile and build arguments) as well as its layers' filesystem.

Detecting compromised DevOps environments with AWS honey tokens

Developer and DevOps environments are becoming attackers' favorite targets: version control systems, CI/CD tools, ticketing, and messaging systems such as Jira or Slack all serve as great entry points for further lateral movement.

With ggcanary, security teams can deploy AWS canary tokens at scale, luring their attackers into revealing themselves and detecting intrusion as soon as it happens.

Monitoring SaaS providers for potential Supply Chain security incidents

SaaS Sentinel is looking to help organizations detect intrusion as it unfolds and reduce the Mean-Time-to-Detect.

We have planted GitGuardian honeytokens in a selection of SaaS tools used by developers. If they are unexpectedly triggered, their status is updated and subscribers are alerted by email of a potential incident.

Want to keep secrets out of your git repositories?

Take a look at GitGuardian Internal Monitoring
