Easy setup and administration was my favorite part. It had what we needed, but took a fraction of the time to set up. Review collected by and hosted on G2.com.
It can be tedious logging in multiple times throughout the day, but Short login sessions are generally more secure. Review collected by and hosted on G2.com.
Development and Security are often at odds when granting elevated privileges to source code repositories. A security team asking developers to prove they need elevated privileges causes the "Trust Me" conversation, where developers argue that they should be trusted to have complete control of the source code.
Adopting Zero Trust strategies is helping to remediate over-provisioning in many systems, but source code repositories remain a source of contention. Arnica allows Security teams to discover elevated privileges that have been granted but rarely if ever, used.
With Arnica, Need to Know & Least-Privileged Access metrics are always available without input from developers.
Removing unused, elevated privileges effectively reduces the attack surface and associated risk to intellectual property.
Remediation of discovered overprovisioning is simple and easily documented for change control. Review collected by and hosted on G2.com.
The complete feature set in Arnica is only available to GitHub Enterprise organizations. Smaller teams not ready to move to GitHub enterprise will not have the full set of protections.
However, discovering and mitigating risk in source code repositories at any level improves overall risk in any software firm. Review collected by and hosted on G2.com.
Could not be easier to use. Quickly connect to your GitHub and get a robust delineation of all potential vulnerabilities in your repository. Can't wait for more features to come out and to use this tool more regularly as our team scales. Review collected by and hosted on G2.com.
Very limited areas of confusing UI and ideally would love to see more integrations across my stack to detect vulnerabilities and excessive perms. Review collected by and hosted on G2.com.
Arnica's detections are data-driven, which means it is most likely a true positive when something is detected.
Taking action with Arnica against its detection helps ease the mitigation process.
Arnica's team is always looking to expand its discoveries with new types of detections and improve existing ones. Review collected by and hosted on G2.com.
We look forward to expanding our use of Arnica in our environment. Review collected by and hosted on G2.com.
With Arnica, we are streamlining the review process through data driven analytics and automation to guard against the accumulation of excessive permissions. Arnica has already paid for itself through process optimization and developer tool cost savings by right sizing commercial license. Review collected by and hosted on G2.com.
We are happy with the product capabilities. We are eager to see how the feature set grows. Review collected by and hosted on G2.com.
Get practical answers, real workflows, and honest pros and cons from the G2 community or share your insights.
Pricing details for this product isn’t currently available. Visit the vendor’s website to learn more.
