Skip to main content

Shift left with GitGuardian

What is shift left?#

Shifting left is a development principle which states that security should move from the right (or end) of the software development life cycle (SDLC) to the left (the beginning).

In other words: security, and therefore secrets detection, should be integrated and designed into all stages of the development process. This new shift requires developers to take more ownership of security and security principles.

GitGuardian CLI: gg-shield#

GitGuardian CLI (Command Line Interface) application gg-shield allows you to deploy GitGuardian's secret detection engine in a shift-left approach to developer's machines through git hooks or in your CI/CD platform of preference.

Getting started with gg-shield.

FAQ#

I have <VCS integration> configured. Why should I use gg-shield?#

GitGuardian shield allows your security efforts to "shift left", adding extra layers of defense against secret leakage and other security vulnerabilities with pre-commit hooks and pre-receive hooks.

Pipeline integrations may be used to stop branches from being merged with secrets, reducing history rewrites on main branches.

I have gg-shield configured. Why should I use <VCS integration>?#

GitGuardian shield is a very flexible tool. It is fast and easy to integrate but does not provide the same security guarantees as real-time monitoring of your VCS. Pre-commit hooks can be bypassed, pre-receive hooks can be cumbersome on development, and gg-shield has to be configured on a per-repo basis as a CI integration.

Real-time monitoring allows you to cover all of your security perimeter and also enables you to scan the git history as new detectors and policies are added.