
GitGuardian: Mastering secure code from the ground up


Managing software vulnerabilities presents a significant challenge, especially with the constant emergence of new exploits. This case study unveils how GitGuardian not only fortified its code security but also significantly streamlined the management of Common Vulnerabilities and Exposures (CVEs), ensuring the delivery of secure software containers to its high-caliber users across public and private sectors.


Challenge


GitGuardian’s challenge was multifaceted, rooted in the need to manage a burgeoning backlog of CVEs that burdened not only the triage and remediation teams but also the trust and compliance integral to their operations and customer relationships.


The team was inundated with vulnerabilities across their software containers, making the task of patching and updating not just daunting, but costly to manage efficiently with a small but dedicated team of full-time engineers.


The pressures of meeting customer demands for shipping software with minimal — if not zero — CVEs highlighted the critical nature of this challenge in maintaining customer trust and meeting contractual obligations. This was especially apparent for major U.S. customers and prospects in highly regulated sectors like defense and public services regardless of whether deployment was on-prem or cloud-based.


The manual process of addressing these vulnerabilities was resource-intensive, leading to a significant operational burden that diverted attention from innovation and product development. Furthermore, GitGuardian’s ambition to pursue security and compliance requirements introduced additional complexity, requiring them to uphold the highest standards of security and vulnerability management while navigating the rigorous compliance landscape.


"Security is in the DNA of GitGuardian. And Chainguard really made sense when we started to look at how to streamline and make sure we don't ship our software with any vulnerabilities because that is a really big part of our story."

Romain Jouhannet, Sr. Product Manager

Solution


The adoption of Chainguard Images marked a pivotal shift in GitGuardian’s approach to securing their container environments. This strategic move was driven by the pressing need to reduce the number of vulnerabilities and streamline the entire process of vulnerability management.


The benefits were immediately clear: GitGuardian saw a drastic reduction in CVEs, eliminating 100% of them. They went from facing numerous critical and high vulnerabilities to having none, in addition to a 33% reduction in image size.


The solution not only simplified GitGuardian’s vulnerability management, but also expedited the delivery of more secure software versions. Chainguard Images helped them refocus on their core business and the innovations that drive customer value, rather than being bogged down by continuous patching. This efficiency was particularly crucial for GitGuardian, as they promise short SLAs on patching critical vulnerabilities, a commitment now more easily met with Chainguard’s rapid patching turnaround times.


Looking ahead, GitGuardian is excited about the further innovations that the time saved with Chainguard Images has helped them unlock, such as expanding their secret detection capabilities beyond source code and tackling new types of vulnerabilities. Their goal is to broaden their security footprint and continue providing customers with the most secure, compliant, and efficient solutions possible.


  • If I were to describe Chainguard's value in one word, I would say — efficiency.

  • What was very interesting for us about Chainguard was it was founded and built by people who have lived and gone through the pain as we had. One thing that resonated really well with us about that product was how they were focusing on solving the problem at the right place.

    Anoosh Saboori

    Head of Product Security

  • Vulnerability management is a huge source of toil in security engineering. As a one-person team, I can’t look at thousands of vulnerabilities and do everything else in my job. I’m lucky that I use our own products like Chainguard Images. Because we have so few CVEs in our production fleet, the vulnerability management part of my role takes so little time.

    Thomas Strömberg

    Director of Security at Chainguard

  • For years, our team struggled with minimizing and triaging CVEs in one of our most critical customer-facing images. By switching to Chainguard Images, we almost immediately achieved zero-known CVEs in our customer image for the first time in two years, which significantly helped free up engineering and technical success resources to focus on customer innovation and removed the daily headache of vulnerability maintenance associated with that image.
