Skip to main content

How GitGuardian works

GitGuardian architecture#

Server-side VCS integration#

GitGuardian's internal repository monitoring product integrates natively with your VCS (Version Control System), hence on the server side. This is done through a GitHub app or a webhook for GitLab. GitGuardian "listens" to all the events reaching the post-receive hook stage.

Read our blog article if you want to learn more about hooks and why we believe they are a must-have when it comes to automated secrets detection.

Scanning incremental change#

Commits contained in such events, typically push events, are then scanned by our library of secrets detectors. If a secret is detected, an incident is raised in your dashboard instantly and you get alerted in real time.

Scanning your git history#

GitGuardian also gives you the ability (and encourages you) to scan the entire git history of your perimeter. All secrets present in your code prior to installing GitGuardian will be detected.

GitGuardian dashboard#

GitGuardian dashboard users have access to all detected secrets and are typically in charge of ensuring proper remediation. Through the dashboard, users can collaborate with teammates and configure custom monitoring settings.

GitGuardian dashboard