CASE STUDY
Results
Alerting is only the first step, which is why GitGuardian also helps with the remediation aspect of the Incident Response process. Mirantis developed a triaging and severity rating questionnaire, with a precise and standardized set of questions, which it sends to developers using GitGuardian’s ‘Developer in the Loop’ feature. This in-app feature streamlines information collection and centralizes it in GitGuardian’s dashboard, which enables Mirantis’ teams to understand the context of a given incident more quickly, facilitating investigation and remediation.
Without this feature, Koldobanov’s team would have to collect feedback less efficiently from different systems (email, Jira, Slack) and request actions from different stakeholders manually. Mirantis also found that involving developers in the remediation process is a great way to raise awareness of secrets leakage. Having been a GitGuardian customer for almost two years, Mirantis has been very positive about both its experience working with the GitGuardian team and the enhancements brought to the product.
Mirantis also had a good experience thanks to GitGuardian’s customer-centric approach. actively scanning GitHub, having manual analysis of potential incidents would have a huge impact on detection time. This was both the case for bug bounties and for the DLP tool. GitGuardian’s ability to detect leaks instantaneously and immediately alert Mirantis’ security team was hence crucial.
Another key differentiator for Mirantis was GitGuardian’s ability to automatically identify Mirantis’ publicly active developers, and therefore to create a dynamic perimeter to monitor.
This enables GitGuardian to not only focus on known corporate repositories, but most importantly on developers’ personal (public) repositories, where companies typically have no visibility.
GitGuardian is now leveraging the development team workflows by integrating with Slack, which is heavily used by the team. The customizable integration allows specific alerts to be routed to the appropriate Slack channel.
“GitGuardian is flexible and reacts fast to feedback. I can talk about my specific needs and see a reaction from the team very quickly. GitGuardian also provides guidance and best practices to help us grasp all details of this aspect of cybersecurity,” said Yury Koldobanov, Director of IT and Acting CISO, Mirantis. “In an ideal world we would have several other security and detection systems, but for us, as a software vendor, we need to focus on what really matters. And this is our IT stack: secrets are the keys to your kingdom.”
What’s next
GitGuardian is already well-integrated in Mirantis’ development stack thanks to the Slack integration. In order to go further, Mirantis is looking forward to having GitGuardian integrated with other systems it uses, since it would remove the need for some manual tasks and benefit from GitGuardian expanding its detection capabilities.
www.intelligentcio.com INTELLIGENTCIO NORTH AMERICA 63