Sources Integration Overview
GitGuardian's Internal Monitoring protects your organization by scanning diverse data sources where secrets might be exposed. From code repositories to collaboration platforms, we help you discover, remediate, and prevent secret leaks across your entire digital ecosystem.
Why Integrate Multiple Sources?
Modern organizations store and share code across numerous platforms and tools. Secrets can leak anywhere: in commit histories, chat messages, documents, or container images. Comprehensive coverage ensures no exposure goes undetected.
Key benefits:
- Complete visibility: Monitor your entire attack surface, not just git repositories
- Early detection: Catch secrets before they reach production environments
- Unified management: View and manage all incidents from a single dashboard
- Automated remediation: Leverage our workflows to speed up incident response
Source Categories
Version Control Systems (VCS)
Monitor code repositories where secrets are most commonly exposed through commit history and branches.
| Source | Historical Scan | Real-time | Custom Perimeter | Team Perimeter | Presence Check | Source Visibility | File Attachments |
|---|---|---|---|---|---|---|---|
| GitHub | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| GitHub Enterprise | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| GitLab | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| Bitbucket Cloud | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| Bitbucket Server | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| Azure DevOps | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
Coverage includes:
- Source code files
- Configuration files
- Documentation
- Commit messages and metadata
Container Registries
Scan container images for embedded secrets in application layers, environment variables, and configuration files.
| Source | Historical Scan | Real-time | Custom Perimeter | Team Perimeter | Presence Check | Source Visibility | File Attachments |
|---|---|---|---|---|---|---|---|
| Amazon ECR | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | N/A |
| Azure Container Registry | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | N/A |
| Docker Hub | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | N/A |
| Google Artifact Registry | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | N/A |
| JFrog Container Registry | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | N/A |
Coverage includes:
- Application code in container layers
- Environment variables and startup scripts
- Configuration files and SSL certificates
- Package dependencies and build artifacts
Package Registries
Scan package artifacts for embedded secrets in software packages across multiple ecosystems (npm, Maven, PyPI, NuGet, and more).
| Source | Historical Scan | Real-time | Custom Perimeter | Team Perimeter | Presence Check | Source Visibility | File Attachments |
|---|---|---|---|---|---|---|---|
| JFrog Package Registries | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | N/A |
Coverage includes:
- npm, Maven, PyPI, NuGet packages
- Configuration files within packages
- Build artifacts and metadata
- Package manifests and scripts
Messaging & Collaboration
**Monitor communication platforms where secrets might be accidentally shared in conversations or file uploads.
| Source | Historical Scan | Real-time | Custom Perimeter | Team Perimeter | Presence Check | Source Visibility | File Attachments |
|---|---|---|---|---|---|---|---|
| Slack | ✅ | ✅ | ⏳ | ⏳ | ❌ | ✅ | ⏳ |
| Microsoft Teams | ✅ | ⏱️ | ⏳ | ⏳ | ❌ | ✅ | ✅ |
Coverage includes:
- Channel messages and threads
- Private messages (when explicitly authorized)
- File attachments (select integrations)
- Code snippets and pastes
Documentation & File Storage
Scan document libraries for secrets in technical documentation, configuration guides, and shared files.
| Source | Historical Scan | Real-time | Custom Perimeter | Team Perimeter | Presence Check | Source Visibility | File Attachments |
|---|---|---|---|---|---|---|---|
| Confluence Cloud | ✅ | ⏱️ | ⏳ | ⏳ | ❌ | ❌ | ⏳ |
| Confluence Data Center | ✅ | ⏱️ | ⏳ | ⏳ | ❌ | ❌ | ⏳ |
| SharePoint Online | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | ✅ |
| OneDrive | ✅ | ⏱️ | ✅ | ⏳ | ❌ | ❌ | ✅ |
Coverage includes:
- Technical documentation and wikis
- Office documents (Word, Excel, PowerPoint)
- PDF files and presentations
- Configuration files and templates
Ticketing & Project Management
Monitor project tracking tools where secrets might appear in issue descriptions, comments, or attachments.
| Source | Historical Scan | Real-time | Custom Perimeter | Team Perimeter | Presence Check | Source Visibility | File Attachments |
|---|---|---|---|---|---|---|---|
| Jira Cloud | ✅ | ✅ | ⏳ | ⏳ | ❌ | ❌ | ⏳ |
| Jira Data Center | ✅ | ✅ | ⏳ | ⏳ | ❌ | ❌ | ⏳ |
| ServiceNow | ✅ | ⏱️ | �⏳ | ⏳ | ❌ | ❌ | ❌ |
Coverage includes:
- Issue descriptions and comments
- Project documentation
- Ticket attachments (select integrations)
- Custom field content
Custom Sources
Extend monitoring to any data source with Bring Your Own Sources
| Source | Historical Scan | Real-time | Custom Perimeter | Team Perimeter | Presence Check | Source Visibility | File Attachments |
|---|---|---|---|---|---|---|---|
| Custom Sources | Manual | Manual | ✅ | ⏳ | ❌ | ✅ | ✅ |
Sky is the limit! With Custom Sources you can cover:
- CI/CD logs and build artifacts.
- Legacy systems and databases.
- FTP servers and file shares.
- Any custom data source via API.
- Etc...
Feature Information
Legend
| Symbol | Meaning |
|---|---|
| ✅ | Fully supported |
| ⏱️ | Incremental scanning (scheduled intervals) |
| ⏳ | Coming soon |
| ❌ | Not supported |
| N/A | Not applicable for this source type |
Feature Definitions
- Historical Scan: Scans existing content when integration is first set up, covering the historical debt.
- Real-time: Event-based monitoring that detects new content instantly as it's created or modified.
- Incremental: Scheduled monitoring that scans for new content at regular intervals (typically every few hours).
- Custom Perimeter: Allows granular control over which repositories, channels, or resources are monitored.
- Team Perimeter: Supports team-based access control for incidents.
- Presence Check: Verifies if detected secrets are still accessible.
- Source Visibility: Determines if the source can distinguish between public and private content visibility.
- File Attachments: Scans files attached to messages or tickets.
Security & Compliance
Data Protection�
- Read-only access: Integrations never modify your source data.
- Minimal retention: We store only metadata necessary for incident management.
- Encryption: All data is encrypted in transit and at rest.
- Regional compliance: Available in multiple regions to meet data residency requirements.
Privacy Considerations
- Explicit consent: Private channels/repositories require explicit authorization.
- Configurable perimeter: Control exactly what gets scanned.
- GDPR compliant: Full support for European data protection regulations.
- Audit trails: Complete visibility into what data is accessed
Getting Started
- Plan your integration strategy: Identify your highest-risk sources first.
- Start with VCS: Git repositories typically contain the most critical secrets
- Expand gradually: Add collaboration and documentation platforms
- Configure perimeters: Customize what content gets scanned
- Set up alerting: Configure notifications for your security team
Managing your integrations
Once you've set up your integrations, learn how to effectively Monitor Your Perimeter, including dashboard usage, scanning types, source status, and troubleshooting.
Support & Troubleshooting
- Plan requirements: Most integrations require Business or Enterprise plans
- Trial available: 30-day free trial for most integrations
- Support channels: Available through your GitGuardian dashboard
- Documentation: Comprehensive guides for each integration
Ready to enhance your security posture? Start with our most popular integration: GitHub.
