Case Study

GitGuardian: Mastering secure code from the ground up

Heading 1

Heading 2

Heading 3

Heading 4

Heading 5
Heading 6

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

Block quote

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text




Managing software vulnerabilities presents a significant challenge, especially with the constant emergence of new exploits. This case study unveils how GitGuardian not only fortified its code security but also significantly streamlined the management of Common Vulnerabilities and Exposures (CVEs), ensuring the delivery of secure software containers to its high-caliber users across public and private sectors.


GitGuardian’s challenge was multifaceted, rooted in the need to manage a burgeoning backlog of CVEs that imposed a significant burden on the triage and remediation teams, but also the trust and compliance integral to their operations and customer relationships.

The team was inundated with vulnerabilities across their software containers, making the task of patching and updating not just daunting, but costly to manage efficiently with a small but dedicated team of full-time engineers.

The pressures of meeting customer demands for shipping software with minimal — if not zero — CVEs highlighted the critical nature of this challenge in maintaining customer trust and meeting contractual obligations. This was especially apparent for major U.S. customers and prospects in highly regulated sectors like defense and public services regardless of whether deployment was on-prem or cloud-based.

The manual process of addressing these vulnerabilities was resource-intensive, leading to a significant operational burden that diverted attention from innovation and product development. Furthermore, GitGuardian’s ambition to pursue security and compliance requirements introduced additional complexity, requiring them to uphold the highest standards of security and vulnerability management while navigating the rigorous compliance landscape.

"Security is in the DNA of GitGuardian. And Chainguard really made sense when we started to look at how to streamline and make sure we don't ship our software with any vulnerabilities because that is a really big part of our story."

Romain Jouhannet, Sr. Product Manager


The adoption of Chainguard Images marked a pivotal shift in GitGuardian’s approach to securing their container environments. This strategic move was driven by the pressing need to reduce the number of vulnerabilities and streamline the entire process of vulnerability management.

The benefits were immediately clear as GitGuardian witnessed a drastic reduction in CVEs — eliminating them by 100%. They went from facing numerous critical and high vulnerabilities to achieving a state where such vulnerabilities were literally nonexistent, in addition to a 33% reduction in image size.

The solution not only simplified GitGuardian’s vulnerability management, but also expedited the delivery of more secure software versions. Chainguard Images helped them to refocus back to their core business and innovations driving customer value, rather than being bogged down by continuous patching. This efficiency was particularly crucial for GitGuardian, as they promise short SLAs on patching critical vulnerabilities — a commitment now more easily met with Chainguard’s rapid patching turnaround times.

Looking ahead, GitGuardian is excited about further innovations the time saved using Chainguard Images has helped them unlock, such as expanding their secret detection capabilities beyond source code and tackling new types of vulnerabilities. Their goal is to broaden their security footprint and continue providing customers with the most secure, compliant, and efficient solutions possible.

Download the case study

GitGuardian, a leader in securing code from vulnerabilities, detects sensitive data hidden in your repositories by monitoring public and private source code, and other data sources. GitGuardian is used by hundreds of thousands of developers worldwide.


Software Security



Cloud platform



What was very interesting for us about Chainguard was it was founded and built by people who have lived and gone through the pain as we had. One thing that resonated really well with us about that product was how they were focusing on solving the problem at the right place.

Anoosh Saboori
Head of Product Security

Vulnerability management is a huge source of toil in security engineering. As a one-person team, I can’t look at thousands of vulnerabilities and do everything else in my job. I’m lucky that I use our own products like Chainguard Images. Because we have so few CVEs in our production fleet, the vulnerability management part of my role takes so little time.

Thomas Strömberg
Director of Security at Chainguard

It took me about 20 minutes and 6 lines of code to change it over to use the Chainguard Image. There is no blame to engineering, they are doing what everyone does by just taking what's in Docker Hub.”

Andrew Storms

For years, our team struggled with minimizing and triaging CVEs in one of our most critical customer-facing images. By switching to Chainguard Images, we almost immediately achieved zero-known CVEs in our customer image for the first time in two years, which significantly helped free up resources."

Diego Comas
Head of Security