AI-Powered Features
GitGuardian uses AI to enhance its detection engine with capabilities that go beyond what rule-based systems can achieve.
This list is not exhaustive. AI and LLMs are used broadly across the GitGuardian platform, and capabilities continue to evolve.
False positive detection
What it does: Catches the complex edge cases of false positives that rule-based detection cannot resolve on its own — ambiguous patterns, test credentials mixed with production ones, revoked tokens still present in code.
Why it matters: Rule-based detection inevitably encounters ambiguous patterns: credentials that look real but aren't, test keys mixed with production ones, revoked tokens still in code. AI adds a second layer of judgment to catch these cases.
Learn more: Machine learning — False Positive Remover
Incident prioritization (risk score)
What it does: Assigns a risk score from 0 to 100 to every incident, with a human-readable explanation.
Why it matters: Without prioritization, security teams either treat everything as high-priority or rely on coarse severity buckets. Risk scoring turns the incident queue into a ranked list that reflects actual business impact.
Learn more: Prioritize incidents — Risk score
Secret enrichment
What it does: Adds provider, service category, and company context to generic secret detections. A generic "high-entropy string" becomes "Stripe API key" or "internal database credential" — with enough context to act immediately.
Why it matters: A large portion of detected secrets are generic — high-entropy strings, connection URIs, unknown tokens. Without enrichment, these incidents are opaque: something was found, but nobody knows what service it belongs to, who owns it, or how critical it is. AI-powered enrichment reads the surrounding code context and infers the provider, category, and usage pattern — bringing generic secrets close to the quality level of specific detections.
Learn more: Machine learning — Secret Enricher
Similar issues
What it does: Automatically groups related incidents so teams can remediate recurring patterns in batches instead of handling each incident individually.
Why it matters: In large organizations, the same secret often appears in many places. Without grouping, each occurrence requires separate triage. With grouping, a team can remediate the entire pattern at once.
Learn more: Investigate incidents — Similar incident grouping
GitGuardian Assistant (alpha)
What it does: A conversational AI assistant that helps analysts investigate incidents interactively — explaining risk, providing context, and suggesting next steps.
Why it matters: Investigation is the most time-consuming part of remediation. Analysts need to understand what a secret is, where it's used, who committed it, and what the blast radius is. The assistant puts that context at their fingertips through natural conversation.
For full details on the assistant, see the GitGuardian Assistant documentation.
For details on how your data is handled and which AI models are used, see the AI Management Policy. To control which AI features are active, see AI settings.
