Migrating from GitGuardian to middleBrick

What middleBrick covers

  • Black-box API scanning under one minute with read-only methods
  • OpenAPI 3.0/3.1/Swagger 2.0 parsing with recursive $ref resolution
  • Findings mapped to OWASP API Top 10 (2023), PCI-DSS 4.0, and SOC 2 Type II controls
  • Authenticated scans with header allowlist and domain verification
  • Continuous monitoring with diff detection and rate-limited alerts
  • Programmatic access via CLI, MCP Server, and API client

Data export from GitGuardian

Export findings and configuration from GitGuardian as a preparatory step before switching. Use the GitGuardian UI or API to download incidents, scan summaries, and policy definitions. A GitGuardian incident describes a secret found in a repository, so the export carries fields such as the detector that fired, the repository and file location, timestamps, validity status, and severity. It does not describe API endpoints.

These fields therefore do not map one-to-one onto middleBrick inputs, which are OpenAPI documents, endpoint paths, HTTP methods, and the risk indicators observed at runtime. Keep the raw export as a reference for cross-validation after migration. You will not recreate GitGuardian alerts inside middleBrick, but having the export lets you compare coverage and avoid surprises. One practical check before you start: any secret GitGuardian has flagged as leaked should be rotated, not carried over as a scan credential for middleBrick.

Rebuilding scan history in middleBrick

middleBrick does not ingest historical scan files. To rebuild context, run scheduled scans against each API and rely on continuous monitoring to track changes over time.

Use the CLI to perform initial scans: middlebrick scan https://api.example.com/openapi.json. Output can be JSON for scripting and integration into dashboards. For recurring tracking, enable scheduled rescans in the Pro tier (6 hours, daily, weekly, or monthly) and use diff detection to surface new findings and resolved findings. This approach establishes a new baseline rather than reproducing line-by-line historical data.
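Diff detection compares the findings of two scans and reports what appeared and what went away. The script below is an added example of that comparison done locally on two JSON scan results, for instance a saved baseline and today's rescan. It is not middleBrick's own code, and the JSON layout it reads (a top-level "findings" list whose items carry "method", "path", "check" and "severity") is an assumption; adjust the keys to the real CLI output. The sample scan results are constructed inline.

```python
"""Diff two scan results to surface new and resolved findings (added example)."""
import json

# Constructed sample output of an earlier (baseline) scan. The schema is assumed.
BASELINE_JSON = json.dumps({
    "target": "https://api.example.com/openapi.json",
    "findings": [
        {"method": "GET", "path": "/users/{id}", "check": "idor", "severity": "high"},
        {"method": "POST", "path": "/login", "check": "missing-rate-limit", "severity": "medium"},
        {"method": "GET", "path": "/health", "check": "verbose-error", "severity": "low"},
    ],
})

# Constructed sample output of the latest scheduled rescan of the same target.
CURRENT_JSON = json.dumps({
    "target": "https://api.example.com/openapi.json",
    "findings": [
        {"method": "GET", "path": "/users/{id}", "check": "idor", "severity": "high"},
        {"method": "GET", "path": "/health", "check": "verbose-error", "severity": "low"},
        {"method": "GET", "path": "/admin/export", "check": "auth-bypass", "severity": "critical"},
    ],
})

# Assumed severity names; higher rank means more severe.
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}


def finding_key(finding):
    """Identity of a finding across scans: same route and same check.

    Severity is deliberately not part of the key, so a finding whose
    severity changed still counts as the same finding.
    """
    return (finding["method"].upper(), finding["path"], finding["check"])


def diff_scans(baseline_json, current_json):
    """Return new, resolved and unchanged findings between two scan documents."""
    base = {finding_key(f): f for f in json.loads(baseline_json)["findings"]}
    curr = {finding_key(f): f for f in json.loads(current_json)["findings"]}
    new_keys = sorted(curr.keys() - base.keys())
    resolved_keys = sorted(base.keys() - curr.keys())
    unchanged_keys = sorted(curr.keys() & base.keys())
    return {
        "new": [curr[k] for k in new_keys],
        "resolved": [base[k] for k in resolved_keys],
        "unchanged": [curr[k] for k in unchanged_keys],
    }


def max_new_severity(diff):
    """Highest severity among new findings, or None when nothing is new.

    This is the value an alerting rule would key on, so that a rescan that
    only resolves findings does not page anyone.
    """
    if not diff["new"]:
        return None
    return max((f["severity"] for f in diff["new"]), key=lambda s: SEVERITY_RANK[s])


if __name__ == "__main__":
    result = diff_scans(BASELINE_JSON, CURRENT_JSON)
    for label in ("new", "resolved"):
        for f in result[label]:
            print(f"{label:9s} {f['severity']:8s} {f['method']} {f['path']} ({f['check']})")
    print("max new severity:", max_new_severity(result))
```

Keying on route plus check rather than on the whole record is what makes the diff stable: a severity re-rating or a reworded description does not show up as a new finding, while a check that starts firing on a route it was silent on before does.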

Keeping CI wired up during the cutover

Coordinate the migration with a controlled release window to reduce disruption. Before switching CI gates, validate that middleBrick can authenticate against your APIs. Use a dedicated, least-privilege scan credential stored in your CI secret store. Do not reuse the GitGuardian API key, which only authenticates to GitGuardian and is not an API credential, and do not reuse any secret GitGuardian has flagged as leaked.

Example GitHub Action step using middleBrick (the token is read from repository secrets and never written into the workflow file):

      - name: middleBrick scan
        uses: middlebrick/github-action@v1
        with:
          url: https://api.example.com/openapi.json
          # severity threshold at which the step fails the job
          threshold: C
          auth-type: bearer
          # scan credential stored as a repository secret
          auth-secret: ${{ secrets.MIDDLEBRICK_TOKEN }}

During the transition, run both tools in parallel for a short period. Because the two tools look at different things (secrets in repositories versus runtime API behaviour), the finding sets will not match; the point of the comparison is to confirm that every critical check your CI gate relied on still has a counterpart, and that the new threshold fails the build for the findings you care about, before decommissioning the old checks.
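During the parallel run you will want the severity breakdown of each middleBrick scan and a gate that tells you whether a given threshold would have failed the build, which is also the question the threshold FAQ below raises. The following is an added example of both, not middleBrick's code and not the GitHub Action's implementation. It assumes scan output is a JSON object with a "findings" list whose items carry a "severity" string from the set info/low/medium/high/critical, and that the gate fails when any finding is at or above the chosen minimum severity; the Action's `threshold` input uses its own scale, so the names here are placeholders. The sample scan and the previous gate's counts are constructed.

```python
"""Severity summary and CI gate for the parallel-run comparison (added example)."""
import json
import sys
from collections import Counter

# Assumed severity names, least to most severe.
SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]

# Constructed middleBrick-style scan output for the parallel run (schema assumed).
SCAN_JSON = json.dumps({
    "findings": [
        {"method": "GET", "path": "/users/{id}", "check": "idor", "severity": "high"},
        {"method": "POST", "path": "/login", "check": "missing-rate-limit", "severity": "medium"},
        {"method": "GET", "path": "/health", "check": "verbose-error", "severity": "low"},
        {"method": "GET", "path": "/health", "check": "server-header", "severity": "info"},
    ]
})

# Constructed per-severity counts from the gate you are replacing, for comparison.
OLD_GATE_COUNTS = {"info": 0, "low": 2, "medium": 1, "high": 2, "critical": 0}


def severity_counts(scan_json):
    """Counts per severity with every level present, so dashboards line up."""
    counts = Counter(f["severity"].lower() for f in json.loads(scan_json)["findings"])
    return {level: counts.get(level, 0) for level in SEVERITY_ORDER}


def findings_at_or_above(scan_json, threshold):
    """Findings that would block the build at the given minimum severity.

    Raises ValueError for an unknown threshold or an unknown severity string;
    the gate turns that into a failure rather than silently passing.
    """
    if threshold not in SEVERITY_ORDER:
        raise ValueError(f"unknown threshold {threshold!r}")
    floor = SEVERITY_ORDER.index(threshold)
    return [
        f for f in json.loads(scan_json)["findings"]
        if SEVERITY_ORDER.index(f["severity"].lower()) >= floor
    ]


def gate(scan_json, threshold):
    """Exit code for CI: 0 pass, 1 blocking findings, 2 configuration error.

    Fails closed: a malformed severity or threshold never yields a pass.
    """
    try:
        blocking = findings_at_or_above(scan_json, threshold)
    except ValueError:
        return 2
    return 1 if blocking else 0


def coverage_drops(old_counts, new_counts, minimum="high"):
    """Severity levels at or above `minimum` where the new scan reports fewer
    findings than the old gate did. A drop is not proof of lost coverage, since
    the tools measure different things, but it is where to look first."""
    floor = SEVERITY_ORDER.index(minimum)
    return [
        level for level in SEVERITY_ORDER[floor:]
        if new_counts.get(level, 0) < old_counts.get(level, 0)
    ]


if __name__ == "__main__":
    # Usage in CI: python gate.py scan.json high
    scan = open(sys.argv[1]).read() if len(sys.argv) > 1 else SCAN_JSON
    threshold = sys.argv[2] if len(sys.argv) > 2 else "high"
    counts = severity_counts(scan)
    print("counts:", counts)
    print("possible coverage drops:", coverage_drops(OLD_GATE_COUNTS, counts))
    sys.exit(gate(scan, threshold))
```

Run it against both tools' outputs during the parallel period and only switch the CI gate once the threshold produces the failures you expect; the exit code 2 path is what stops a typo in the threshold from turning the gate into a no-op.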

What you will miss and why

GitGuardian focuses on secret detection in code and commits. middleBrick does not replicate this capability; it specializes in runtime API behavior. Expect no findings related to exposed credentials in source repositories or developer workflows.

middleBrick also does not perform active SQL injection or command injection testing, nor does it detect business logic vulnerabilities that require domain knowledge. These gaps are intentional scope boundaries. Use specialized SAST/DAST tools or manual review for those areas, and treat middleBrick as a complementary layer rather than a complete replacement.

What you will gain

middleBrick provides a black-box security posture assessment with no agents or code access. It completes scans in under a minute using read-only methods and supports OpenAPI 3.0, 3.1, and Swagger 2.0 with recursive $ref resolution.

The platform maps findings to OWASP API Top 10 (2023), PCI-DSS 4.0, and SOC 2 Type II controls. It detects authentication bypasses, IDOR, privilege escalation, input validation issues, sensitive data exposure, SSRF indicators, and LLM/AI security probes across multiple depth tiers. For ongoing operations, use the Web Dashboard for trend analysis, download compliance PDFs, and configure email or webhook alerts with rate limiting to avoid noise.

Frequently Asked Questions

Can I import GitGuardian scan JSON into middleBrick?
No. middleBrick does not accept external scan imports. You will need to run native scans against your APIs to generate findings.
Will my CI fail if I switch tools without changing thresholds?
Possibly. Because engines differ, adjust the severity threshold in your CI configuration after validating which findings are relevant to your APIs.
Does middleBrick support authenticated scans during migration?
Yes. Provide Bearer tokens, API keys, Basic auth, or cookies. Domain verification is required for authenticated scans, and only headers on the allowlist are forwarded to the target.
How are compliance mappings handled during migration?
middleBrick maps findings to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023). It does not ship mappings for other frameworks; findings can still serve as supporting evidence for similar controls in those regimes, but the mapping is yours to make.