Freely subscribe to our NEWSLETTER

GitGuardian is trusted by large companies such as Talend, Mirantis, Instacart, Genesys, Now: Pensions and Maven Wave. The investment round will be used to accelerate the strategies that drove GitGuardian to quadruple its recurring revenue in both 2020 and 2021, extend its secret detection solution to become a comprehensive code security platform, expand its go-to-market, and grow its teams across the US and Europe.

In 2022, GitGuardian will establish a strong presence in the United States, with Jeremy Thomas, the founder and CEO, moving from France to open the American office and recruit key team members to better address this strategic market that already represents 75% of GitGuardian’s revenue.

The unmet demand of code security platforms

The way applications are built has changed drastically, creating largely unmet needs and the proliferation of vertical DevSecOps solutions. As software rules the world, the ability to deliver secure applications quickly is a competitive advantage, even in the most physically-rooted industries.

Achieving this requires a total change in the way applications are built:

? Organizational change: Large, growing, distributed Dev, Sec, and Ops teams producing more code, faster.
? Technological change: DevOps-native applications are no longer standalone monoliths. They are made up of an increasing number of building blocks (cloud infrastructure, managed databases, SaaS applications, open-source components, internal microservices, etc.), technologies and frameworks.
? Cultural change: Security is now a shared responsibility between Dev, Sec and Ops teams, which is continually addressed throughout the Software Development Life Cycle (SDLC) so that defects can be identified earlier and remediated at lesser costs.

These new ways of building software create the necessity to support new vulnerabilities and new remediation workflows. These needs have emerged so abruptly that they have given rise to a young and highly fragmented DevSecOps tooling market. Solutions are specialized based on the type of vulnerabilities being addressed: SAST, DAST, IAST, RASP, SCA, Secrets Detection, Container Security, and Infrastructure as Code Security.

A need for security platforms to enforce code security at scale has emerged
The “Application Security (AppSec) Shared Responsibility Model” is emerging as the only approach to AppSec that is truly scalable and finally allows the unlock of secure applications’ quick release. However, developers are underserved in terms of code security tools. These tools are fragmented, not educational and triggering irrelevant alerts. They are often not well-integrated into the developer’s workflow.
With 150M developers on the different code hosting platforms (GitHub, GitLab, Bitbucket) in 2025, the code security market is estimated to reach between $50B and $100B.
GitGuardian, founded in 2017 by Jérémy Thomas and Eric Fourrier, has emerged as the leader in secrets detection and is now focused on enabling the Shared Responsibility Model of AppSec by starting first with getting the developers’ experience right.

From secrets to a wide variety of vulnerabilities

GitGuardian’s powerful and flexible framework currently addresses secrets detection. With more than 300 detectors, it can detect secrets in both public and private repositories and containers and be deployed either in SaaS or on-premise. With more than 130K installs, GitGuardian is the n°1 security application on the GitHub Marketplace. Its enterprise-grade features truly enable AppSec and Development teams in a collaborative manner to deliver a secret-free code.

With this funding, GitGuardian will build from its secret detection expertise and extend to encode a wide variety of vulnerabilities to compete with legacy code security platforms.

Its massive dataset and large developer community will allow fast testing. Broadening the detection scope will increase numbers of high assurance and high-value findings, making GitGuardian even more relevant for enterprises, individual developers and small development teams.