
Security recommendations and information

Common Vulnerabilities and Exposures

GitGuardian builds its self-hosted images on top of Chainguard hardened Base-OS images, which significantly reduces the CVE surface of the frontend and backend containers and targets a zero-CVE goal in production.

KOTS admin and Replicated SDK images use a distroless Chainguard base image.

Runtime image configuration: The runtime image is based on the Python image (with an optional FIPS-enabled variant for Helm), and ships the following additional packages: src-fingerprint, libxml2, libxslt, xmlsec, xmlsec-openssl, and git.

FIPS 140-3 cryptographic modules (Helm only)

FIPS 140-3 approved cryptographic modules are available as an optional feature for Helm-based installations. When enabled, GitGuardian uses the FIPS-compliant variants of its application images to encrypt sensitive data at rest and in transit.

To activate FIPS in your Helm installation, set the following in values.yaml:

global:
  fips:
    enabled: true

For air-gapped environments, see the Airgap Installation Guide for the FIPS-specific image list.

Learn more about Chainguard's FIPS validation process and see Chainguard's FIPS Commitment for warranty and certified cryptographic module details.

GitGuardian images for CVE scanning

The table below lists the images shipped in the current release so you can feed them into your CVE scanner (Trivy, Grype, Snyk, etc.) or vulnerability management pipeline. FIPS variants have a -fips suffix on the same repository.

Current release image list
Image Type | Repository and Image Name | Tag (release 2026.4)
GitGuardian Frontend | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-static-chainguard | 2026.4.0
GitGuardian Backend | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-app-chainguard | 2026.4.0
Replicated SDK (used for licensing) | proxy.replicated.com/proxy/gitguardian/docker.io/replicated/replicated-sdk | 1.19.3
Machine Learning | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/ml-secret-engine-app-chainguard | 0.23.0
File Scanner | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/apache-tika | 3.2
Analytics | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/basalt-onprem-analytics | 0.4.0
ggscout | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/ggscout/chainguard | 0.27.0
Log collector (fluent-bit) | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/fluent-bit | 4.2.4
Log collector (loki) | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/loki | 3.6.10
Log collector (minio) | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/minio | 0.20260330
Used for Custom CA | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/bash | 5.3
Helm Tooling (debug image) | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-helm-tooling | 2026.4.0

The full history of released tags and the private-registry directory layout are maintained in the Airgap Installation Guide.

Analytics image: CVE risk assessment

The Analytics feature image (gitguardian/basalt-onprem-analytics) relies on a Python-based data analytics stack whose transitive dependency tree presents ongoing patching challenges inherent to this class of software.

The security risk is minimal. The image runs as a nightly Kubernetes CronJob with no webserver, no network listener, and no inbound connections of any kind. It only writes to internal cluster databases (PostgreSQL) and processes internal GitGuardian metadata — not customer secrets or source code. The vast majority of CVEs in this image describe vulnerabilities that require an exposed network interface or interactive access to exploit, neither of which is present here.

GitGuardian monitors this image continuously and will prioritize remediation for any CVE that presents a realistic exploitation path.

Cosign for image signing

GitGuardian signs its images with Cosign, in line with SLSA level 2. A valid signature lets you confirm that an image was produced by GitGuardian's build pipeline and has not been altered between build and deployment. All GitGuardian images can be verified with the method described below, except for the Replicated SDK, which uses a different verification process (see Verify SDK Image Integrity).

Info: You can enforce signature verification at admission time in your Kubernetes cluster with the Sigstore Policy Controller. For more details, see the Sigstore Policy Controller documentation.

Before you start: download Cosign for image verification (see the Cosign download page).

Verification Steps:

  1. Save the provided public key into a file named gg_cosign.pub:

echo "-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnVzZQr8D9OgkgZcf9z0v67yrd2pg
+yQtJur1OgetAwij8T8g8VH+IegI6Y+1E3ZEqMast934R35UCzOiiyIadQ==
-----END PUBLIC KEY-----" > gg_cosign.pub

  2. Retrieve your License ID from your license file, where it is labeled licenseID. Use this ID to authenticate with the GitGuardian image registries by running the commands below:

printf "Enter your License ID: " && read LICENSE_ID
docker login registry.replicated.com --username "${LICENSE_ID}" --password "${LICENSE_ID}"
docker login proxy.replicated.com --username "${LICENSE_ID}" --password "${LICENSE_ID}"

  3. Run the following command, replacing <IMAGE>:<TAG> with the image name and tag:

cosign verify --key gg_cosign.pub <IMAGE>:<TAG>

This command verifies the image against the signatures stored with it, using the provided public key.

Images you can verify with Cosign
Image Type | Repository and Image Name | Tag (release 2026.4)
GitGuardian Frontend | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-static-chainguard | 2026.4.0
GitGuardian Backend | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-app-chainguard | 2026.4.0
Replicated SDK (used for licensing) | proxy.replicated.com/proxy/gitguardian/docker.io/replicated/replicated-sdk | 1.19.3
Machine Learning | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/ml-secret-engine-app-chainguard | 0.23.0
File Scanner | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/apache-tika | 3.2
Analytics | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/basalt-onprem-analytics | 0.4.0
ggscout | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/ggscout/chainguard | 0.27.0
Log collector (fluent-bit) | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/fluent-bit | 4.2.4
Log collector (loki) | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/loki | 3.6.10
Log collector (minio) | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/minio | 0.20260330
Used for Custom CA | proxy.replicated.com/proxy/gitguardian/ghcr.io/gitguardian/wolfi/bash | 5.3
Helm Tooling (debug image) | proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-helm-tooling | 2026.4.0

The private-registry directory layout for the same images is in the Upload GitGuardian Images section of the airgap installation guide.

Example:

cosign verify --key gg_cosign.pub proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-app-chainguard:2026.4.0 | jq .

Verification for proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-app-chainguard:2026.4.0 --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- Existence of the claims in the transparency log was verified offline
- The signatures were verified against the specified public key

Expected output:

[
  {
    "critical": {
      "identity": {
        "docker-reference": "docker.io/gitguardian/prm-app-chainguard"
      },
      "image": {
        "docker-manifest-digest": "sha256:b842813ffb597a67c..."
      },
      "type": "cosign container image signature"
    },
    "optional": {
      "Bundle": {
        "SignedEntryTimestamp": "",
        "Payload": {
          "body": "",
          "integratedTime": 1709632488,
          "logIndex": 75773529,
          "logID": "c0d23d6ad406..."
        }
      }
    }
  }
]
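As an added example (not GitGuardian's tooling), the following Python function consumes the JSON that the cosign verify ... | jq . command above prints, checks that every signature's identity matches the repository you asked for and that all signatures agree on a single manifest digest, and returns the image pinned by that digest for use in a deployment manifest. It assumes, as the expected output above shows, that the signed identity is the upstream docker.io or ghcr.io path which the proxy.replicated.com reference ends with; the sample payload is constructed.

```python
import json
import re

# Added example (not GitGuardian tooling): checks `cosign verify ... | jq .` output.
DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")
COSIGN_SIG_TYPE = "cosign container image signature"

def pinned_reference(cosign_json: str, requested_image: str) -> str:
    """Validate every signature claim and return the image pinned by digest
    (repository@sha256:...); requested_image is the tagged ref given to cosign."""
    repo = requested_image.rsplit(":", 1)[0]  # drop the tag
    entries = json.loads(cosign_json)
    if not entries:
        raise ValueError("cosign returned no signatures")
    digests = set()
    for entry in entries:
        critical = entry["critical"]
        if critical["type"] != COSIGN_SIG_TYPE:
            raise ValueError(f"unexpected signature type: {critical['type']}")
        signed_ref = critical["identity"]["docker-reference"]
        # Signed identity is the upstream docker.io/ghcr.io path; the proxy ref ends with it.
        if repo != signed_ref and not repo.endswith("/" + signed_ref):
            raise ValueError(f"signature covers {signed_ref}, not {repo}")
        digest = critical["image"]["docker-manifest-digest"]
        if not DIGEST_RE.match(digest):
            raise ValueError(f"malformed manifest digest: {digest}")
        if "Bundle" not in entry.get("optional", {}):
            raise ValueError("no Rekor bundle: log inclusion cannot be checked offline")
        digests.add(digest)
    if len(digests) != 1:
        raise ValueError(f"signatures disagree on the digest: {sorted(digests)}")
    return f"{repo}@{digests.pop()}"

def verification_passes(cosign_json: str, requested_image: str) -> bool:
    try:
        return bool(pinned_reference(cosign_json, requested_image))
    except (ValueError, KeyError, TypeError):
        return False

# Constructed sample in the shape of the expected output above; digest and log fields are made up.
SAMPLE_OUTPUT = json.dumps([{
    "critical": {
        "identity": {"docker-reference": "docker.io/gitguardian/prm-app-chainguard"},
        "image": {"docker-manifest-digest": "sha256:" + "ab" * 32},
        "type": COSIGN_SIG_TYPE},
    "optional": {"Bundle": {"SignedEntryTimestamp": "", "Payload": {
        "body": "", "integratedTime": 0, "logIndex": 0, "logID": "constructed"}}}}])
REQUESTED = "proxy.replicated.com/proxy/gitguardian/docker.io/gitguardian/prm-app-chainguard:2026.4.0"
```

Feed the real output of your own cosign run into pinned_reference() and write the returned repository@sha256:... reference into your manifests so the cluster pulls exactly the verified image.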

TLS certificate

The application mandates HTTPS access to safeguard sensitive information such as secrets and source code. A TLS certificate is required to start the installation.

Use a valid certificate that matches your Fully Qualified Domain Name (FQDN), for example dashboard.gitguardian.mycorp.local. For configuration, see the TLS certificate setup.

By default, GitGuardian accepts only TLS 1.2 and TLS 1.3, which all modern browsers support. When the FIPS 140-3 option is enabled, the following protocols and ciphers are used, all of which are FIPS 140-3 compliant:

  • Protocols: TLS 1.2 / TLS 1.3
  • Ciphers:
    • TLS 1.3: TLS_AES_256_GCM_SHA384
    • TLS 1.2: ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-GCM-SHA384

Self-signed certificates

Using a self-signed certificate requires additional SSL validation handling for GitLab or GitHub webhooks. SSL verification is enabled by default and must be disabled when integrating with GitLab or GitHub via a self-signed certificate.

Encryption and Access Control

Considering the database will hold sensitive data (like source code and leaks), we strongly recommend encrypting the file system. Additionally, access to the host running the application should be limited to essential personnel (e.g., host and application deployment managers).

Signup restrictions

By default, joining the GitGuardian workspace requires a sign-up via SSO or an invitation link.

Disabling signup restrictions means anyone within the instance network can join your workspace and potentially access secrets. Should you opt to disable these restrictions, ensure your GitGuardian instance is only accessible within a restricted network, not from the Internet.