GitGuardian

AI secrets detection and remediation for code

Free tier Active Freemium
Visit Website
Category
AI Security & Vulnerability Detection
Platforms
web, cli
Pricing
$0 — Custom
Open Source
No
IDE Support
GitHub, GitLab, Bitbucket, Azure DevOps
Quick links: Website Pricing

# What is GitGuardian?

GitGuardian monitors code repositories and CI/CD pipelines for leaked secrets — API keys, passwords, certificates, and tokens. Its AI can suggest remediation steps and track whether exposed secrets have been rotated.

Who is it for? Security engineers and teams who need automated vulnerability detection and code audits.

Key Features

secrets-detectionsecuritygithubci-cddevsecops

Available on

GitHubGitLabBitbucketAzure DevOps webcli

* Our Verdict

4.4 /5

Best-in-class for secrets detection. Every development team should use this — the free tier for public repos alone is invaluable.

+- Pros & Cons

Pros

  • + Catches secrets in real-time
  • + Historical repo scanning
  • + Pre-commit hooks available
  • + Free for public repos
  • + Good incident workflow

Cons

  • - Expensive per developer at scale
  • - Some false positives
  • - Remediation guidance could be better
  • - No SAST beyond secrets

$ Pricing

Free
$0
  • Public repos
  • 1 developer
  • Basic secrets detection
Team
$29/mo/dev
  • Private repos
  • Historical scanning
  • Incident management
Enterprise
Custom
  • SSO
  • On-prem
  • Custom detectors
  • SLA

</> Supported Languages & IDEs

Languages

All — language agnostic

IDEs & Platforms

GitHubGitLabBitbucketAzure DevOps

= Alternatives to GitGuardian

Semgrep
Fast, customizable static analysis for security
Free OSS 4.5/5
Snyk Code
AI-powered security code review
Free 4.4/5
SonarQube
Code quality and security platform with AI
Free OSS 4.3/5
Checkmarx
Enterprise application security testing platform
4/5
Veracode
Cloud-native application security testing
3.9/5

i About GitGuardian

Company GitGuardian
Founded 2017
HQ Paris, France
Status Active
Data updated 2025-03-08