Skip to main content

Shift left with GitGuardian

What is shift left?#

Shifting left is a development principle which states that security should move from the right (or end) of the software development life cycle (SDLC) to the left (the beginning).

In other words: security, and therefore secrets detection, should be integrated and designed into all stages of the development process. This new shift requires developers to take more ownership of security and security principles.

GitGuardian CLI: ggshield#

GitGuardian CLI (Command Line Interface) application ggshield allows you to deploy GitGuardian's secret detection engine in a shift-left approach to developer's machines through git hooks or in your CI/CD platform of preference.

Getting started with ggshield.

FAQ#

I have <VCS integration> configured. Why should I use ggshield?#

GitGuardian shield allows your security efforts to "shift left", adding extra layers of defense against secret leakage and other security vulnerabilities with pre-commit hooks and pre-receive hooks.

Pipeline integrations may be used to stop branches from being merged with secrets, reducing history rewrites on main branches.

I have ggshield configured. Why should I use <VCS integration>?#

GitGuardian shield is a very flexible tool. It is fast and easy to integrate but does not provide the same security guarantees as real-time monitoring of your VCS. Pre-commit hooks can be bypassed, pre-receive hooks can be cumbersome on development, and ggshield has to be configured on a per-repo basis as a CI integration.

Real-time monitoring allows you to cover all of your security perimeter and also enables you to scan the git history as new detectors and policies are added.