GitGuardian Developer Endpoint Protection: Secret Scanning For Your Laptops

GitGuardian Developer Endpoint Protection helps security teams find secrets across any of your organization's laptops. In this walkthrough, Dwayne shows how to install ggshield, enable the machine scan plugin, run a local workstation scan, and review findings in the local dashboard.

Learn why developer endpoints have become a major target in modern supply chain attacks, especially when credentials are stored in.env files, shell history, config files, and MCP files. You will see how findings can be reviewed locally before safely syncing metadata, context, and hashes back into the GitGuardian Workspace. The walkthrough also shows how endpoint findings appear in your GitGuardian workspace Secrets and Endpoints views, including links to existing incidents and remediation guidance.

Developer Endpoint Protection is now available for all GitGuardian Business and Enterprise customers.

Chapters:

00:00 - Introduction and overview

00:30 - What problem does GitGuardian Developer Endpoint Protection solve?

01:48 - Things to know before activating Endpoint Protection

02:20 - Steps 1 and 2 - Installing ggshield and authenticating to GitGuardian

02:54 - Step 3 - Installing the ggshield machine scan plugin

03:12 - Step 4a - Running our first scan (in real time)

04:02 - Step 4b - Understanding your local Machine Scan Dashboard

05:36 - Step 5 - Sending the inventory to your GitGuardian workspace

06:00 - Working with Secrets in your GitGuardian workspace Endpoint Protection view

07:26 - Working with Endpoints in your GitGuardian workspace Endpoint Protection view

08:05 - Final thoughts and outro

Reference links:

Developer Endpoint Protection official documentation:
https://docs.gitguardian.com/endpoint-protection/home

Installing ggshield:
https://github.com/gitguardian/ggshield#installation

Read more about Shai Hulud and other attacks
https://blog.gitguardian.com/tag/breach-explained/