As modern software development progresses, the need for an airtight strategy on secrets detection and remediation increases year over year. What used to be teams of software engineers working in a handful of repositories has evolved into distributed teams collaborating across hundreds of separate repos, often on a global scale.
Suppose a single developer accidentally leaves an API key or secret credentials in a line of code that's pushed to production. In that case, an entire team must scramble to remediate the issue. Enterprise organizations operating internationally simply cannot afford to face these scenarios with their sensitive data.
Thankfully, enterprise-grade secrets detection is now available through cybersecurity companies like GitGuardian - a source code analysis platform for native integration with major version control system (VCS) providers, including GitHub, GitLab, and BitBucket. GitGuardian enables enterprises to discover vulnerabilities early and collaboratively, then harness rapid remediation to save time, money, and paperwork.
GitGuardian initially only offered their platform as SaaS. Still, when an increasing amount of prospects needed to self-host customer-controlled VCS instances due to the secure nature of their organizations, GitGuardian quickly realized that they wouldn't be able to meet these requirements with a multi-tenant offering.
They initially attempted to build out the solution for an on-prem POC offering in-house but found that the internal resources it would require were too extensive for their engineering team. "Basically, to deliver an on-prem solution, we needed to mobilize a full team of engineers," says Eric Fourrier, CTO and co-founder of GitGuardian. "But, that would have taken the focus away from our core product, which is securing source code. Building an on-prem solution would have kept our resources and talent from doing what we do best."
While entirely building out the capabilities for an on-prem offering in-house wasn't an option, GitGuardian couldn't risk leaving valuable revenue on the table. GitGuardian needed a solution, and fast.
GitGuardian's research led them to Replicated, a Kubernetes application delivery and management platform. Replicated provides commercial and open source tools to streamline the distribution and management of 3rd-party applications to any enterprise environment.
"The decision to go with Replicated was a no-brainer," Eric recalls. "If we had built it out ourselves, we would never have reached the real potential of a full-grade product like Replicated. Replicated allowed us to differentiate ourselves from competitors. Now we can deploy on-prem installs for customers in minutes, which is extremely rare in the industry."
GitGuardian is now free to ship its industry-leading platform to customer-controlled environments with little additional overhead. To add to that, Replicated empowers GitGuardian to move fast with new customers - an added benefit that Eric sees as imperative for startups looking to expand their total addressable market.
"The speed of deployment is what's so great about having Replicated on our side. It's a huge win for us. Replicated helped us sell to customers faster. As a startup, nothing is more important than being able to ship your product fast and sign new customers."
More than just on-prem, the newfound agility that GitGuardian realized with Replicated was the ability to become "Enterprise-Ready." As Eric puts it, "Being enterprise-ready means that you can support a large feature subset dedicated to large enterprises. Single sign-on, audit logs, change management, and role-based access control are the kinds of features that Replicated are experts in. We really think of them as strategic partners and not just simple vendors. We chose Replicated because we knew that they could power our entire on-prem journey."
Eric expresses it simply when asked what GitGuardian would have done had they not found an out-of-the-box on-prem solution. "Without Replicated, we wouldn't be able to sell to these large enterprise customers wanting an on-premise deployment. We can directly correlate these customers to an amount of revenue, and it's really allowed us to expand our market."
As the cybersecurity startup continues to grow, they can rest assured that even the largest enterprise organizations with the strictest security needs can secure their software development lifecycle with enterprise-grade secrets detection through GitGuardian.
When all was said and done, GitGuardian reduced their engineering team resources dedicated to on-prem installs by over 50%. Eric concludes, "Deciding to go with Replicated and not build the solution ourselves was one of our best engineering decisions."
Please schedule a demo today to learn more about how Replicated can empower your enterprise software.