GitGuardian Public Monitoring also allows red teams and pentesters to proactively look for sensitive information by performing complex queries on 12 billion documents and metadata from more than 3 years of GitHub history. The alerting is done in real-time (a few seconds after the secret was publicly exposed) which allows fast remediation involving in a collaborative way developers, security teams and operations. The algorithm has a high precision (91% “true positive” feedback following our alerts, as reported by our users.) It uses sophisticated pattern matching techniques to detect credentials that cannot be strictly defined with a distinctive pattern (like unprefixed credentials). GitGuardian Public Monitoring cover 350+ API providers, database connection strings, private keys, certificates, usernames and passwords and intellectual property. GitGuardian Public Monitoring is particularly interesting for companies with large development teams (above 200 developers) and modern development practices.
The solution gives visibility to developers and security teams on this very critical blindspot that are the organization developers' personal repositories on GitHub (80% of leaked corporate secrets on public GitHub come from developers’ personal repositories).
It monitors both organization repositories and developers' personal repositories. GitGuardian Public Monitoring allows real-time GitHub scanning and alerting to uncover sensitive company information hiding in online repositories.
0 kommentar(er)
