Detect public secret incidents
GitGuardian continuously monitors public sources to detect exposed secrets related to your organization. When secrets are found within your company public perimeter, GitGuardian creates public secret incidents that require investigation and remediation.
How detection works
Real-time monitoring
GitGuardian scans every public commit on GitHub as it happens using our Secret Detection Engine. When a commit matches your company perimeter, GitGuardian immediately analyzes it for over 450+ types of secrets.
Response time: The average time from a public commit to GitGuardian alert is 5 minutes.
What's monitored in real-time:
- Activity from developers in your perimeter
- Commits in your monitored GitHub organizations
- Content matching your secret graspers.
Historical scanning�
GitGuardian also performs historical scans to detect secrets that were exposed before your monitoring was established. A historical scan is performed at initialization of your Public Monitoring dashboard, then on a monthly basis.
What's covered by historical scans:
- Past activity from monitored developers
- Historical commits in monitored GitHub organizations
Secret graspers only work for real-time monitoring and do not apply to historical scans. They are monitored from the moment they are created, without retroactive scanning of past activity.
How incidents are created
A public secret incident is created when all of the following conditions are met:
- A secret is detected in a public GitHub commit or event
- The commit is linked to your company through your perimeter definition
- The secret detector is enabled in your detection settings
Each incident provides detailed information like secret type, validity status, attachment reasons, and complete context for investigation and remediation.
Expanding detection with Explore
While perimeter-based monitoring provides comprehensive coverage of known organization's and developers' activity, the Explore feature extends your detection capabilities by enabling proactive searches across public GitHub for secrets that might fall outside your defined perimeter.
You can use Explore to complement your perimeter monitoring with targeted searches for company-specific terms, domains, and technologies.
Customizing detection
You can customize which secrets to detect and how validity is checked. For detailed configuration options, see Customize detection and Validity checks.
