Stolen credentials remain the most common cause of a data breach. Various methods exist to prevent such breaches, and the most effective ones will have the least impact on developer productivity while catching issues as early as possible in the development process, when they’re still inexpensive and easy to fix.
That’s precisely the mission of GitGuardian’s new Visual Studio Code extension: bringing robust shift-left security practices directly into the developer’s workflow.
The extension works by scanning files as they are saved, alerting users to any potential secrets before they are added to the repository. It integrates seamlessly with the popular Visual Studio Code editor, providing clear notifications and allowing users to easily fix issues. The extension builds upon existing functionality offered by GitGuardian’s command-line tool, ggshield, making it even easier for developers to protect their sensitive information.
Key benefits include:
- Real-time code scanning: as soon as a secret is detected, it’s highlighted directly in the code, with red warnings in the status bar.
- Guided remediation: the extension offers custom remediation messages to suggest corrective actions, such as storing secrets in a secure vault.
- Developer friendliness: With a one-click install and simplified authentication, getting started is a breeze. Whenever a file is saved, it’s automatically scanned using ggshield without requiring installation.