Remediate your incidents

Involving developers is crucial for incident remediation. As codebase owners, they are the most appropriate people to interpret contextual information provided by GitGuardian. This knowledge is essential in creating an effective and efficient remediation plan.

Ignore incidents

Ignoring incidents can be very useful to address or focus on the most severe incidents. In that context, GitGuardian offers you the ability to:

• Ignore an incident permanently because it's a false positive or the risk is acceptable.

• Ignore an incident temporarily:

  • Either because the risk is acceptable for the moment,

  • Or there is no fix available.

    In both scenarios, you will be asked to enter a date until which the incident should be disregarded. After this date, the incident will be automatically reopened.

    When no fix is available, you can also confirm whether this incident shall be reopened automatically as soon as a fix is available. This feature can be particularly convenient during your opened incidents' prioritization and remediation process. It helps you focus on where you can take action now without missing the whole picture in the long term.

    Default option

    This option is enabled by default.

    

• Ignore incidents automatically:

  • Any incident manually ignored from the GitGuardian platform will consequently be ignored in ggshield scans to ensure consistency in detection. Please refer to ggshield SCA scanning configuration for more information.

  • Alternatively, GitGuardian proposes an auto-ignore playbook that allows you to automatically ignore incidents on the platform previously ignored in the ggshield repository's configuration file. Playbooks are automated remediation workflows configurable from the workspace settings.

    Plan restriction

    This playbook is only available for Business workspaces.

    

Share your incidents

GitGuardian aims to enable easy collaboration with your developers by providing flexible ways to share your incidents.

Currently, only the Managers accounts have access to the incidents list. However, you can share any incident internally with registered accounts with a different role via the Grant access action.

Plan restriction

This option is only available for Business workspaces.

Check incident activity logs and comments

You can access the activity logs of an incident using the Timeline tab from the incident information panel. This feature will allow you to briefly look at the incident history and see user comments.

Thanks to the input at the top of the activity logs, you can add comments when necessary.

Perform bulk actions on incidents

The Incidents view allows you to select multiple incidents at the same time and benefit from bulk actions to speed up your incident management:

• Ignore, providing the same options as for a single incident.
• Reopen, which will reopen any ignored incident.
• Share, to share a set of incidents at once.

Was this page helpful?