Release Date: May 21, 2026

Developers are writing more code than ever with Claude Code, Cursor, and other AI assistants - and a lot of that code touches secrets. The new open-source GitGuardian/agent-skills repository ships skills that teach those agents how to use ggshield: when to scan, how to read findings, and how to walk the developer through remediation.

What's in it?

• Claude Code plugin: a one-command install (/plugin install ggshield) that makes the skill available to Claude Code - the agent invokes it when the developer asks to scan, validate a token, or remediate a leaked credential.
• Cursor rules & commands: the same skill packaged for Cursor, exposing the ggshield workflow so the agent can call it on demand.
• Defense in depth (optional): layer the ggshield agent hook on top (ggshield install -t claude-code) - unlike the skill, the hook runs automatically and scans every prompt, tool call, and tool output from inside the agent.

Why is this important?

We are meeting developers where they already are - no new tool to adopt, no workflow change. When the developer brings up secret scanning, key validation, or a leaked credential, the agent now knows to reach for ggshield, how to interpret the findings, and how to guide remediation in context. Pair it with the ggshield hook for fully automated, agent-side scanning. Either way, fewer secrets slip through AI-assisted development - with zero friction added to the developer's day.

Get Started Today!

The repository is public, MIT-licensed, and ready to demo:

• Browse the skills on GitHub
• Install the Claude Code plugin with /plugin install ggshield
• Or drop the Cursor rules into your .cursor/ directory

Contributions and feedback are welcome - open an issue or a pull request on the repo.

Enhancements​

• Jira Cloud - recurrent scanning instead of webhooks: Jira Cloud monitoring now relies on scheduled recurrent scans instead of inbound webhooks. See the Jira Cloud integration guide.
• VCS - scan orphaned commits and Git notes in historical scans: Historical scans on Version Control Systems now fetch every reference the remote exposes - pull/merge request refs, Git notes, GitLab keep-around refs, Gerrit change refs, and any other custom namespace - on top of standard branches and tags. Secrets in closed PRs, force-pushed history, and Git notes are no longer blind spots. See Manage your monitored perimeter.

Fixes​

• Perimeter: Fixed an issue where unmonitored sources were incorrectly displayed as deleted in the user interface.

  Release Date: May 20, 2026

Cut incident triage time by getting straight to the right list. The search bar now answers the questions you actually ask during triage - "what did Alice leak in the last 3 months?", "which unassigned critical incidents need owners?" - without forcing you through a chain of filter menus.

What's new?

• Search by secret value: paste a secret directly into the bar to see if it's already raised an incident. The value is hashed in your browser before being sent, so the plaintext never leaves your device.
• Search by commit author: type a developer's name or email fragment (e.g. @contractor.com) to surface every incident with at least one occurrence introduced by that person.
• Search by file path: type any portion of a path (e.g. .env, docker-compose.yml, config/secrets) to filter incidents whose occurrences match.
• Search by source name: type any portion of a repository, channel, drive, or project name to scope the page to that source.
• Natural language search (AI Filters): when AI Filters are enabled on your workspace, type a full sentence and GitGuardian translates it into the right combination of filters - for example, Open critical unassigned incidents related to cloud providers.

All search modes compose. You can mix structured filters, raw text, and a natural-language prompt in the same query, and save the result as a view to share with your team.

Why is this important?

Incident triage is fastest when you don't have to leave the page or know the exact filter name. By making the search bar the single entry point for every way you might describe what you're looking for, GitGuardian removes a layer of clicking from your day-to-day triage workflow - whether you're chasing a specific token, auditing a developer, or scoping leaks to a critical file.

Get Started Today!

The new search modes are available immediately on every workspace, on every plan. Natural language search requires AI Filters to be activated - see AI settings for the workspace settings and self-hosted prerequisites.

Learn more about the search bar

Enhancements​

• Microsoft Teams notifications: Backfilled the Issue Regression event for existing Microsoft Teams notifier configurations - channels now alert when a previously resolved incident reopens, in addition to new incidents and new occurrences. Learn more
• JFrog Artifactory scanning: Incident details now capture additional metadata for secrets found in JFrog Artifactory, making it easier to identify the leak author and assign incidents to the right owner.
• Sources health management — Jira Cloud: GitGuardian now pauses real-time ingestion and historical scans on unreachable Jira Cloud sources, auto-resumes them once health is restored, and surfaces an actionable recovery step. Rolling out to more integrations in upcoming releases. See the Jira Cloud integration guide.
• Risk score in alerting and ticketing: Incident risk score update events are now available in Custom Webhook, Slack, Microsoft Teams, ServiceNow, Jira Cloud, and Jira Data Center.

Fixes​

• Secret revocation: Fixed a case where revoking a Sendgrid API key from GitGuardian could surface a misleading error because the validity check was not re-run after the revocation request.
• Team perimeter: Restored the ability to bulk select all results when adding JFrog Artifactory sources to a team perimeter, previously broken on workspaces with large Artifactory repositories.
• GitHub health check: The GitHub and GitHub Enterprise health check now probes the documented /meta endpoint instead of the API root. This fixes false Unhealthy statuses reported after upgrading to GitHub Enterprise Server 3.19.4.
• Analytics: Fixed an issue where GitHub PR Check runs analytics dashboards were not displayed for GitHub Enterprise integrations.
• Perimeter performance: The source list now renders independently of the overview sidebar queries, fixing failed page renders on workspaces with very large source inventories (200k+ sources).

  Release Date: April 29, 2026

We're excited to announce a major enhancement to our Microsoft Teams integration that brings comprehensive notification coverage for all incident lifecycle events, honeytoken alerts, and public monitoring incidents. This unified notification framework provides complete visibility into your security posture directly in Microsoft Teams.

What's new?

Complete Incident Lifecycle Coverage: Previously, Microsoft Teams notifications only covered new incident detections and regression. Now you can receive notifications for every critical event including resolution, assignment, status changes, comments, access control, and sharing - giving you complete visibility into incident management workflows.

Public Monitoring Support: Public monitoring incidents can be sent directly to Microsoft Teams channels, enabling teams to receive perimeter security alerts alongside internal monitoring alerts.

Honeytoken Alerting: Microsoft Teams notifications now support honeytoken events, providing immediate alerts for honeytoken activity, previously only available via custom webhooks and email.

Flexible Configuration: Enhanced Microsoft Teams configuration allows teams to subscribe to specific event types per channel, providing granular control over notification preferences.

Why is this important?

Security teams need real-time visibility into all security events to respond quickly and effectively. This enhancement addresses key customer feedback about missing notification updates for incident resolution and status changes, while extending Microsoft Teams integration to public monitoring and honeytoken.

Get Started Today!

This enhancement is automatically available for all workspaces. Existing Microsoft Teams integrations will maintain their current notification settings, while new configurations can be set up with expanded event coverage.

Learn more about Microsoft Teams integration configuration | Configure honeytoken alerts

Enhancements​

• Public API: New Health Checks endpoints let you programmatically monitor the health of your integration instances (GitHub, GitLab, Slack, Jira, and more). List the latest health check across all instances, filter by integration type, status, or date, and retrieve the full health check history for a specific instance to power your own dashboards and alerting.
• Public API: You can now retrieve and filter archived sources.
  • Sources endpoint: now offer the provider_metadata.archived field (currently available for GitHub sources) and a provider_metadata_archived=true filter.
  • Incidents endpoint: now offer an only_on_provider_archived_sources=true filter to focus on incidents from archived sources and run bulk actions on the returned list.

  Release Date: April 27, 2026

We're excited to announce that file attachment scanning is now supported for Jira Cloud, Jira Data Center, Confluence Cloud, and Confluence Data Center.

You can now detect secrets in both textual content and uploaded files, giving you full coverage across your Atlassian sources.

Why this matters

Security-relevant content is frequently shared as screenshots, exported logs, reports, and documents attached to tickets or wiki pages. By scanning both attachments and page or issue content, GitGuardian helps you reduce missed exposures and improve remediation coverage across your Atlassian environment.

• Complete source coverage: Detect leaks in issue/page content and file attachments.
• Fewer blind spots: Catch secrets hidden in uploaded logs, reports, screenshots, and documents.
• Consistent experience: Atlassian attachment coverage now aligns with existing support in Microsoft Teams, Slack and other Corporate Data Sources.

Already using Jira or Confluence sources? Here's what you need to know:

• New scopes required: Attachment scanning rely on additional API scopes for Jira and Confluence Cloud (read:attachment:jira on Jira Cloud and readonly:content.attachment:confluence on Confluence Cloud). Reinstall each affected integration from Settings → Integrations → Sources so new OAuth applications include the new permissions.
• Run Full Historical Scan: To avoid any blindspot, we strongly recommend you re-execute the entire historical scans from your Confluence and Jira sources. This will ensure GitGuardian scans all attachments from the past.

Get started today

Check the updated documentation:

• Integrate Jira Cloud
• Integrate Jira Data Center
• Integrate Confluence Cloud
• Integrate Confluence Data Center

--

Enhancements​

• Public API: Removed the deprecated Honeytoken Labels API endpoints. Customers using custom tags should now use the Custom Tags API instead.
• Jira Notification: Jira templates now flag unsupported required fields at configuration time, preventing configurations from being saved with fields that would fail at send time.
• GitHub Check runs: Improved reliability of GitHub PR checks during partial outages for workspaces using GitGuardian Bridge.

  Release Date: April 23, 2026

We're excited to announce that the GitGuardian Slack app is now officially listed and approved on the Slack Marketplace, available in both US and EU regions ! This means you can install GitGuardian directly from Slack's app directory, and the peace of mind that comes with Slack's marketplace review process. Beyond marketplace approval, this release bundles several improvements to the Slack integration that make it more powerful, more privacy-aware, and easier to operate at scale.

What's new?

• Channel selection at setup time: You now choose which public channels to monitor during installation, instead of the app automatically joining every public channel. This gives you full control over your scanning perimeter from day one.
• File attachment scanning: Secrets hiding in file attachments dropped in channels and messages are now detected alongside text-based messages.
• Interactive messages (Beta): When GitGuardian detects a secret, it posts a threaded response directly in the original conversation with details about the finding and quick actions — including the ability to ignore low-risk incidents without leaving Slack.
• Enhanced privacy controls: Private channel names are now redacted for users who don't have access to those channels in Slack, fully respecting Slack's privacy model. A privacy information banner is also displayed during setup to clarify what GitGuardian can and cannot access.

Why does this matter?

Slack is where developers share code snippets, debug outputs, and configuration examples in real-time. These casual exchanges frequently contain accidentally pasted API keys, database credentials, and tokens that persist in chat history. With the new GitGuardian Slack app, you extend your proactive defense and efficiently streamline the efforts with the responsibles of the leaks!

Get started

1. Open the listing for your region: GitGuardian (US) or GitGuardian EU.
2. In GitGuardian, go to Settings → Integrations → Sources and install Slack from the Messaging section, then complete the OAuth flow for your workspace.

If you previously covered your Slack Perimeter with GitGuardian, you will need to reinstall your Slack App using the same procedure.

Check out the full Slack integration guide for perimeters, private channels, and interactive messages configuration.

---

Enhancements​

• Accessibility: Added support for Ctrl+Enter to submit forms, improving keyboard navigation efficiency.

Fixes​

• Dashboard: Fixed an issue where filtering Personal Access Tokens could cause the UI to become unresponsive.
• Bitbucket Cloud Integration: Updated API calls to use the new workspace-scoped endpoints, following Bitbucket Cloud's deprecation of cross-workspace APIs.

  Release Date: April 20, 2026

We're excited to announce native support for Gerrit as a VCS source. Gerrit is widely used for enterprise code review workflows, often hosting sensitive internal repositories. You can now connect your Gerrit instance to GitGuardian to detect secrets exposed across your repositories and commit histories, with the same experience as our other VCS integrations.

What does this mean for you?

• Historical scanning out of the box: GitGuardian performs a full scan of your repositories' commit history as soon as you connect your Gerrit instance, uncovering secrets that may have been exposed weeks, months, or years ago.
• Real-time detection with the webhook plugin: Install the Gerrit webhook plugin to catch new exposures the moment commits are pushed.
• Granular perimeter control: Choose exactly which repositories to monitor, and apply team-based access control just like with other VCS sources.
• Read replica support: Point GitGuardian to a read replica for cloning operations to reduce load on your primary Gerrit server.

Why is this important?

Gerrit repositories often host some of an organization's most sensitive internal code, yet many security programs lack visibility into them. Credentials and API tokens committed to Gerrit can remain in git history indefinitely, exposing internal systems and infrastructure to anyone with repository access. Native Gerrit support closes this gap and extends GitGuardian's secrets detection coverage to another critical part of your development ecosystem.

Get started

1. Generate an HTTP username and HTTP password in your Gerrit account settings (we recommend using a dedicated bot user).
2. Navigate to Settings > Integrations > Sources and click Configure for Gerrit.
3. Submit your Gerrit instance URL and HTTP credentials to start monitoring.

Check out the full integration guide to learn more.

---

Fixes​

• Personal Access Tokens: Fixed a bug where the source scopes selected during PAT creation were not correctly applied, resulting in tokens being created with unintended permissions.
• Bitbucket Cloud Integration: Updated the Bitbucket Cloud integration to use the new workspace-scoped APIs, following Atlassian's deprecation and removal of cross-workspace REST API endpoints.

  Release Date: April 16, 2026

NHI Governance can now tell you which of your Non-Human Identities hold admin rights, which are overprivileged compared to what they need, and automatically raises the risk level of any policy breach that lands on an admin NHI. You get a prioritized inventory where the identities an attacker would abuse first are already at the top, across AWS IAM, Microsoft Entra, and Okta.

What does this mean for you?

• Admin identities at a glance: NHIs with admin-level permissions (e.g. AWS AdministratorAccess, Entra Global Administrator, Okta Super Admin) are marked with an Identity level: Admin badge in the inventory and detail view.
• New policy, Overprivileged Identity: A dedicated policy flags identities granted broader permissions than they use, so you can drive NHIs back toward least privilege.
• Smarter risk criticality: Any policy breach on an admin NHI is automatically bumped one severity level higher, capped at critical. A leaked internal secret on an admin identity now shows as critical, not high.
• Cross-source coverage: Admin and overprivilege checks run on AWS IAM, Microsoft Entra (directory roles, Azure RBAC, Microsoft Graph permissions), and Okta (built-in and custom admin roles).

Why is it important?

Not all NHIs carry the same risk. An admin or overprivileged identity that leaks gives an attacker full control of the account, tenant, or directory, while a scoped identity limits the blast radius to one system. Until now, spotting those identities meant combing through IAM policies, directory roles, and custom permissions by hand, and a leaked internal secret looked the same whether it belonged to a read-only service or a Global Administrator.

With this release you can:

1. Focus remediation where it matters: Start with admin and overprivileged NHIs, and with the incidents their breaches generate, instead of treating every NHI equally.
2. Enforce least privilege: Surface NHIs that accumulated broad permissions over time and bring them back in line.
3. Shrink the blast radius: Cut the number of high-impact identities that a single compromised secret could abuse.
4. Meet audit expectations: Evidence that admin and overprivileged machine identities are reviewed, named, and tracked.

Get started

1. Open NHI Governance → Identities and sort by Risk criticality to see which NHIs rank highest.
2. Use the Identity level filter to isolate admin NHIs, and the Breached policies filter to find Overprivileged Identity breaches.
3. Learn more about admin identities, the Overprivileged Identity policy, and risk criticality.

This feature is available to NHI Governance paying customers.

---

Enhancements​

• Privacy Mode: Workspace owners can now enforce privacy mode at the workspace level, restricting the ability to view plaintext secrets to managers only or owners only for tighter control over sensitive data visibility. Learn more.
• Audit Logs: The list of captured audit log event types is now available through the public API, making it easier to configure SIEM ingestion and alerting rules. Learn more.
• AI: Workspace admins can now manage third-party LLM usage directly from the dashboard. Choose between GitGuardian's managed LLM providers (default), routing calls through your own AWS Bedrock account with Bring Your Own Cloud, or turning external LLMs off entirely. Internal ML models for false positive detection, prioritization scoring, and similar issues continue to run regardless, and existing configurations are unchanged. Learn more.

Fixes​

• Incidents: Fixed an issue where secret grasper matches found in long diffs were not visible in the dashboard occurrence view. The full file content is now displayed when the match falls outside the truncated patch.
• GitLab health check: Updated the GitLab instance health check for compatibility with GitLab.com and upcoming GitLab 19 self-hosted versions.

  Release Date: April 13, 2026

Team perimeter already scoped internal incident access for version control repositories. It now applies to all non-VCS integrations—container registries, messaging and collaboration (Slack, Microsoft Teams), documentation and file storage (Confluence, SharePoint Online, OneDrive), ticketing (Jira, ServiceNow), package registries—and to Bring Your Own Sources. Members only see incidents for sources that workspace managers add to their team's perimeter.

What does this mean for you?

• Consistent access control: The same team rules apply whether a secret is found in a repository, a container image, a chat, a document, or a custom source.
• Clearer delegation: Managers can assign sources to teams from the same team perimeter configuration flow.

Get started

Workspace Managers can add sources to a team's perimeter from Settings > User management > Teams, then open the team and use Add sources under the perimeter section. See Configure team perimeter and the Sources integration overview for supported integrations.

---

Fixes​

• Public Monitoring: Fixed an issue where some secret grasper matches were not displayed and highlighted in the incident page when they occurred in the full file content rather than in the commit diff.

  Release Date: April 10, 2026

AI coding assistants like Cursor, Claude Code, and GitHub Copilot can now read files, run shell commands, and call external tools during a session. That makes them powerful, but it also means secrets can be exposed before code ever reaches a repository or CI pipeline. ggshield now scans AI interactions in real time and blocks secrets before they are sent to a model or executed.

What does this mean for you?

• Prompt scanning: Secrets in your prompts are caught before they reach the AI model.
• Tool call protection: File reads, shell commands, and MCP calls are scanned before the AI assistant executes them.
• Post-action alerts: If a tool output contains secrets, you get a desktop notification so you can act immediately.
• Simple setup: A single ggshield install command configures hooks for your tool of choice.

Why is this important?

Prompts, local file access, shell output, and MCP tool calls sit outside the controls that protect repositories and CI pipelines. A developer might paste an API key while debugging, or an AI agent might read a .env file and pass credentials to a model provider. These interactions are invisible to most security programs today. Secret scanning at the hook level closes that gap, giving security teams visibility and control over what flows through AI-assisted development workflows.

Get started

1. Make sure you have ggshield 1.49.0 or later installed
2. Run ggshield install -t <tool> -m global where <tool> is cursor, claude-code, or copilot
3. Start coding: ggshield will automatically scan prompts and tool calls in the background

Check out the full setup guide to learn more.

---

Enhancements​

• Risk Score: Shipped an updated model that improves separation between low-risk noise and higher-priority findings; some incident scores may shift. Learn more.
• Saved views: The Critical saved view is now the default when you open the Internal Monitoring incidents page. Learn more.
• Public API:
  • Added privacy mode support, allowing users to control secret content visibility when retrieving secrets via API endpoints. Learn more.
  • Added new endpoints to trigger and cancel historical scans programmatically, enabling integration of scan management into automated workflows. Learn more.
  • Added severity_rule_id and detector category to the incident response - for both internal and public secret incidents.
  • Added a new GET /v1/severity-rules endpoint to list severity rules.
• Authentication: The SSO domain is now remembered after logout, allowing users to reconnect with a single click instead of re-entering their domain each time.
• Public exposure: "Found outside perimeter" leak details are now visible to all customers, regardless of Public Monitoring subscription. This allows users to better assess and qualify the signal as we continue to improve the reliability of this detection. Access to this information may evolve as the feature matures.

Fixes​

• Secrets Detection: Fixed an issue where ggshield could return an incorrect incident URL when two secrets shared the same hash across different repositories with the "Group by secret per source" enabled.
• Analytics: Fixed an issue where the "All time" date range filter did not consistently cover all incidents, potentially causing some older incidents to be excluded from analytics views.
• Jira Data Center Integration: Fixed an issue where Jira Data Center source connections could intermittently lose authentication.
• Honeytoken: Fixed a deployment job failure caused by an encoding error when interacting with the GitLab API during honeytoken deployment.
• Public API: Fixed an error when querying occurrences for public incidents originating from Explore Search.

  Release Date: March 24, 2026

GitGuardian now enforces multi-factor authentication (MFA) via email verification for all users who sign in with email and password. After entering your credentials, you'll receive a verification code at your email address to confirm your identity.

Beyond login, verification is also required before performing sensitive actions in your workspace settings — such as configuring SSO, creating API tokens, managing integrations, or inviting members.

Who is affected?

• Users who log in with email and password will be prompted for email verification at login and before sensitive actions.
• Users who log in via SAML SSO or GitHub are not affected — MFA is handled by your identity provider.

For more details, see the MFA email verification documentation.

---

Enhancements​

• Bring Your Own Sources: The POST /v1/scan/create-incidents API now supports an optional location.url field, allowing you to link scanned documents back to their origin (e.g., a wiki page, ticket, or config file). When provided, this URL appears in incident details for easy navigation to the origin of the leak.
• Authentication: Personal Access Tokens (PAT) and Service Account Tokens (SAT) now use an improved v2 format with gg_pat_ and gg_sat_ prefixes for better detection and security.

Fixes​

• Audit Logs:
  • Fixed an issue where the incorrect actor was displayed for certain audit log entries in the frontend.
  • Audit logs are now properly generated when creating Custom Sources via API using Personal Access Tokens.
• Incidents: Fixed an issue in the bulk filter panel where the select-all checkbox showed "0 incidents" and failed to deselect incidents after selection.
• API: Fixed a bug in the /v1/public-incidents/secrets/{id}/occurrences endpoint when retrieving occurrences for incidents discovered through Explore.
• NHI Governance: Resolved timeout issues when collecting Microsoft Entra ID data for workspaces with large datasets.

  Release Date: March 10, 2026

We are introducing a unified approach to public exposure information for secrets detected in Internal Monitoring. This update consolidates how we display public exposure, making it easier to understand and act on publicly visible secrets.

What's changing?

• Single tag: The "Publicly exposed" and "Publicly leaked" tags are now consolidated into a single "Publicly leaked" tag that appears whenever a secret has any type of public exposure.
• New "Public exposure" property: A new property provides detailed information about the nature of the exposure, categorized into three types:
  • Source is publicly visible: The incident has at least one occurrence in a monitored source that is publicly visible.
  • Has linked public incident: The secret also appears in public incidents from your public perimeter (requires Public Monitoring).
  • Found outside perimeter: The secret was found in public locations unrelated to your company, such as repositories you don't own (requires Public Monitoring for full details).

A new default saved view "Public exposure" and a dedicated column are available to help you filter and view exposure details.

👉 Learn more about public exposure

  Release Date: March 6, 2026

Setting up SSO and user provisioning shouldn't feel like a side project. That's why GitGuardian is now available as an Okta-verified app on the Okta Integration Network — giving your identity team a streamlined, standardized way to connect GitGuardian with your Okta directory.

What does this mean for you?

• One-click SAML SSO: Add GitGuardian from the Okta app catalog and configure SSO in minutes — no custom SAML app required.
• SCIM provisioning built in: Automatically create, update, and deactivate GitGuardian users when changes happen in Okta. No more manual onboarding or orphaned accounts.
• Group Push: Sync your Okta groups and their memberships directly into GitGuardian teams, keeping access aligned with your directory structure.
• SP and IdP-initiated SSO: Users can sign in from the GitGuardian dashboard or straight from their Okta portal — both flows are supported out of the box.
• Just-in-Time provisioning: New users get a GitGuardian account automatically on first login, even without SCIM.

Why is this important?

Managing user access across security tools is a pain point for every identity team. Manual provisioning leads to delays, stale accounts, and inconsistent permissions. With the Okta Integration Network app, GitGuardian plugs directly into your existing identity lifecycle — so access stays in sync, offboarding is instant, and your team can enforce consistent security policies without extra overhead.

Get Started Today!

1. In Okta, go to Applications > Browse App Catalog and search for "GitGuardian"
2. Click Add Integration and enter your GitGuardian Workspace ID
3. Configure SSO in your GitGuardian dashboard under Settings > Authentication
4. Optionally, enable SCIM provisioning under Settings > Identity Provider

Check out the full Okta SSO setup guide and the SCIM configuration guide to learn more.

  Release Date: March 5, 2026

Another registry, zero blind spots. We're expanding GitGuardian's container security coverage with a new integration for Red Hat Quay — the enterprise-grade, OCI-compliant registry trusted by organizations running OpenShift and hybrid cloud infrastructure.

Whether you're on quay.io or running a self-hosted Quay instance, GitGuardian now has you covered by scanning your container images for hardcoded credentials, API keys, and internal tokens buried in image layers.

What does this mean for you?

• SaaS and self-hosted, covered: Works with quay.io and on-premise Red Hat Quay deployments — same integration, same protection.
• Full image layer analysis: Every layer, every Dockerfile, every environment variable — scanned for secrets that shouldn't be there.
• Historical + incremental scanning: Catch secrets already hiding in existing images, and detect new ones as they're pushed.
• Granular perimeter control: Monitor specific repositories or your entire Quay instance — fine-tune coverage to match your needs.
• OAuth2 authentication: Secure, token-based integration with read-only access. No credentials stored, no write permissions required.

Why is this important?

Container images are the final artifact before production. A secret embedded in an image layer — a database password in an ENV directive, an API key baked into a config file — travels straight to your runtime environment. Unlike source code, image layers are often overlooked in security reviews, making them a prime vector for credential exposure.

With Red Hat Quay joining Docker Hub, Amazon ECR, Azure Container Registry, Google Artifact Registry, and JFrog Container Registry, GitGuardian now covers six major container registries — giving you unified secrets detection wherever your images live.

Get Started Today!

1. Navigate to Settings > Integrations > Sources
2. Click Install next to Red Hat Quay in the Container registries section
3. Create an OAuth Application in your Quay instance and connect it to GitGuardian

This feature is currently available in beta. Check out the full setup guide to learn more.

--

Enhancements​

• Public API: Added endpoint to retrieve GitGuardian's egress IP addresses in CIDR notation for allowlisting in firewalls, network security groups, or other access control systems. Learn more.

  Release Date: March 3, 2026

Your container images are scanned. Your Git repos are covered. But what about the packages flowing through your software supply chain?

We're thrilled to announce JFrog Artifactory Package Registries integration — bringing GitGuardian's secrets detection engine to the artifacts that power your builds. Maven JARs, npm tarballs, PyPI wheels, NuGet packages, and more: if a secret is hiding in there, we'll find it.

What does this mean for you?

• 12 package ecosystems covered: Scan Maven, npm, PyPI, NuGet, Go, Gradle, Swift, Cargo, RubyGems, Composer, Pub, and Generic repositories — all from a single integration.
• Historical + incremental scanning: Detect secrets already lurking in existing packages, and catch new ones as they're published.
• Granular perimeter control: Choose exactly which repositories to monitor, or cover your entire JFrog instance — your call.
• Share remediation efforts: Assign package repositories ownership like you do for VCSs, to route findings to relevant teams.
• Seamless setup: Connect your JFrog Artifactory instance in minutes with an Access Token — no agents, no sidecars, no complexity.

Why is this important?

Secrets don't stay in source code. They travel — embedded in build artifacts, bundled into packages, and shipped across your software supply chain. A leaked API key in a Maven artifact or a database credential in an npm package can compromise production systems just as effectively as one committed to Git.

With this integration, GitGuardian closes a critical blind spot. You now have unified secrets detection across your repositories, container images, and package registries — a complete view of your exposure surface.

Get Started Today!

1. Navigate to Settings > Integrations > Sources
2. Click Install next to JFrog Package Registries in the Package registries section
3. Connect your JFrog instance with an Access Token and start scanning

This feature is currently available in beta.
Check out the full setup guide to learn more.

---

Enhancements​

• Audit Logs: Scope information is now displayed in audit log entries when Personal Access Tokens (PATs) and Service Account Tokens (SATs) are created, providing enhanced visibility into token permissions for security compliance and monitoring.
• Security Settings: Added the ability to restrict Personal Access Token (PAT) scopes for members, allowing workspace managers to limit members to creating PATs with specific scopes (e.g., "Scan only") for enhanced security control. Learn more.
• Authentication Settings: Added customizable session duration setting, allowing workspace administrators to configure how long dashboard sessions remain active before users are automatically logged out. Learn more.
• Slack & Webhook Alerting: Added feedback content (remarks) to Slack and Webhook alerts for both internal and public monitoring incidents, providing complete feedback information in notification payloads. Learn more.
• Slack Alerting: Enhanced incident notification messages with improved formatting, additional context (secret type, status, assignee, severity, risk score), and clearer attribution for automated GitGuardian actions.
• Jira Ticketing: Added filename and line number as template options in Jira templates, displayed as "N/A" when not applicable to the incident source.
• Dashboard: Added "System" theme mode option that automatically matches the operating system's light or dark mode preference, set as default for new users.

Fixes​

• Alerting: Fixed an issue where Jira Cloud installations were unexpectedly soft-deleted without user action, causing notification failures.
• API: Fixed schema validation error for API response path 'id' that was causing client-side errors.
• Incidents: Fixed timeout issues when applying bulk updates to incident custom tags, improving performance for large-scale operations.
• Public Incidents: Fixed 400 Bad Request error when creating public incidents from secrets found in Explore.
• Security: Fixed an authorization issue where Workspace Members with Team Leader permissions could delete notification settings for the "All Incidents" team, ensuring only Workspace Managers can manage these settings.

  Release Date: February 11, 2026

We're introducing Ownership in NHI Governance: you can now assign and track who is responsible for each Non-Human Identity across your inventory. Ownership helps close the accountability gap for machine identities, speed up remediation when secrets are exposed, and align with compliance expectations.

What does this mean for you?

• Suggested owners: GitGuardian automatically suggests owners using data from your integrated sources and from secret incidents.
• Manual control: Add, edit, or remove owners at any time from an NHI's detail view.
• Inventory at a glance: An Owner column in the NHI inventory shows who is responsible for each identity.
• Workspace members and external users: Owners can be workspace members or external users identified by email.

Why is it important?

NHIs outnumber human identities by orders of magnitude, yet accountability for machine identities is usually unclear. Without ownership, remediation slows down, orphaned accounts go unaddressed, and incident response suffers when secrets are exposed or misconfigured. Ownership gives you:

1. Faster remediation – Know who to contact when an NHI is compromised or needs rotation.
2. Fewer orphaned accounts – Assign responsibility so every identity has someone accountable.
3. Stronger compliance – Meet audit and regulatory expectations (e.g. PCI-DSS, SOC 2, HIPAA) that require clear accountability for sensitive resources.
4. Better triage – Filter and prioritize by owner (e.g. "identities with no owner" or "owned by my team") to focus efforts where they matter most.

Get started

Open NHI Governance → Identities to see the Owner column and filter. Open any NHI to view or edit owners in the Owners section. Learn more about Ownership

This feature is available to NHI Governance paying customers.

---

Enhancements​

• Incidents: CSV exports now include new columns (risk_score, custom_tags, incident_name), updated tags, and a dedicated public monitoring export format with additional actor and source information.
• ggshield: Secrets with multiple incidents (when using "By secret per source" grouping) are now correctly ignored in scans if a related incident exists and is closed, preventing CI pipelines from blocking unnecessarily.

Fixes​

• Validity Checks: Secrets marked as invalid are now re-checked periodically, so their status can update to valid when they become usable again.
• Analytics: Commit date in hover tooltips now matches the actual timeline data.
• Developer in the Loop: Duplicate feedback submissions are now prevented by disabling the submit button after click and applying a cooldown period.
• SCIM: Email notifications for user and team sync operations (onboarding, offboarding, team membership changes) are now off by default. A new setting in the identity provider section lets you opt in to these notifications when desired.

  Release Date: February 2, 2026

We've refreshed the GitGuardian interface and introduced Dark Mode so you can work comfortably in any environment. The updated design brings cleaner layouts, improved contrast, and polished forms and navigation, making everyday tasks feel smoother and easier to consume.

What does this mean for you?

• Reduced Eye Strain: Work comfortably during late-night incident responses or in low-light environments with the new Dark theme.
• Personalized Experience: Choose the theme that works best for you—Light or Dark.
• Cleaner Interface: Enjoy improved contrast and polished navigation that makes reviewing incidents or exploring NHI identities faster.

How to Enable Dark Mode

To try it out, head to Account → Interface → Theme and pick your preference. Theme selection is per-user and stored in your profile, so your choice follows you across sessions.

---

Enhancements​

• Incidents API: Added external ticket information (Jira/ServiceNow) to incidents API responses, simplifying integration and improving tracking in alerting and issue management workflows.
• Analytics: Updated period selector options to include "Last 30/60/90 days" and "Previous month/quarter/year" for more flexible date range selection.
• SSO and GitGuardian Bridge configuration: Improved user experience when editing SSO Identity Provider and GG Bridge certificates, with clearer certificate status display and replacement workflows.

Fixes​

• Validity Checks: Implemented automatic retry mechanism for failed validity checks to reduce false alarms caused by transient errors such as temporary service unavailability.
• CSV Export: Fixed an issue where the secret value column in CSV exports contained invalid JSON format with single quotes instead of proper double-quoted JSON.

  Release Date: January 22, 2026

We are excited to announce expanded governance support for Microsoft Entra ID and AWS IAM. This update provides a unified source of truth for your cloud identity footprint, allowing you to manage risk and visibility across fragmented environments from a single pane of glass.

Core Identity Capabilities

• Unified Visibility: Map identities across your cloud infrastructure in a single platform, utilizing an enriched graph view to understand complex relationships between identities, policies, and secrets.
• Risk-Based Prioritization: The new risk criticality score automatically surfaces high-impact threats—such as leaked credentials, cross-environment secrets, and orphaned accounts—so you can focus remediation where it matters most.
• Secure, Secret-less Auth: Both integrations leverage OIDC (OpenID Connect) for credential-free, short-lived token-based access, eliminating the need for long-lived secrets.

Deep Cloud Integration

While providing a unified view, NHI Governance captures the unique architecture of each provider to ensure complete coverage:

• For Microsoft Entra ID: Gain transparency into Users, Service Principals, and Managed Identities, as well as both Security and Distribution Groups.
• For AWS IAM: Audit your posture by tracking Users, Roles, and Groups with full metadata.

Getting Started

• To begin syncing your identities, visit the integration documentation for setup instructions and required permissions: 👉 Microsoft Entra ID Setup | AWS IAM Setup
• Available to NHI Governance paying customers.

---

Enhancements​

• GitHub Check Runs: Updated neutral check run message to clarify no new secrets are detected in merge queues, as scanning already occurred during PR review.
• Perimeter: Custom perimeter support for Microsoft Teams, Confluence Cloud, Confluence Data Center, Jira Cloud, and Jira Data Center — selectively monitor specific channels, spaces, or projects for each integration.

Fixes​

• Secrets Validity Checking: Fixed an issue preventing validation of Google Cloud Keys secrets that resulted in "failed to check" errors.
• List of detectors in the settings: Fixed an issue where the validity check filter was not working properly.
• GitLab Integration: Fixed broken link in health check unhealthy error message that led to a 404 error.
• Health Check Email Notifications: Fixed an issue where GitLab integration health check emails incorrectly displayed "Bitbucket" as the source.
• Container Registries: Enhanced JFrog compatibility by implementing checksum search fallback when Docker image layers are not found via standard endpoints.
• Analytics Overview: Fixed misleading MTTR values by displaying "N/A" instead of "0" when no data is available.

  Release Date: January 8, 2025

Introducing ML-Powered Similar Incident Grouping - a smart solution to combat incident fatigue by automatically grouping related incidents for efficient bulk remediation.

Key Benefits:

• Reduce incident overload by identifying patterns in similar security incidents
• Streamline bulk actions on groups of related incidents
• Focus on unique issues while efficiently handling repetitive cases

Common grouping scenarios:

• Rotating tokens in automated deployments
• QA test credentials appearing across multiple files
• Database connection strings to the same environment
• Repeated false positives from templating code or tutorials
• High-entropy strings in logs that are likely system-generated
• Known noisy patterns from specific services or file types

Our ML algorithms analyze incident context beyond just detector types to identify meaningful relationships between incidents. View similar incidents in the sidebar of any incident detail page, then use bulk actions to resolve them efficiently.

This feature is available for both Internal Monitoring and Public Monitoring on the Business & Enterprise plans.

Enhancements​

• Integrations: Improved token refresh reliability for Slack and Atlassian Cloud integrations with automatic retry on transient failures.

Fixes​

• Playbooks: Fixed an issue where the "Auto-ignore incidents when secrets are tagged as false positive" playbook was incorrectly reactivated when a Business account's plan was edited in the back office.
• Historical Scans: Resolved a scan queueing issue that prevented all eligible sources from being properly enqueued during bulk scan operations.

  Release Date: December 31, 2025

We're expanding NHI Governance to cover your critical infrastructure, data, and identity platforms—closing blind spots in your non-human identity landscape.

Highlights

• Infrastructure & Data Platform Coverage: Enumerate service accounts and API keys across Datadog, Snowflake, Okta, and Auth0.
• Unified Identity Risk Assessment: Understand which identities have access to your most sensitive systems and data.

Get started

• Available to NHI Governance paying customers.
• Navigate to Settings > Integrations > Sources > NHI Governance and connect your Datadog, Snowflake, Okta, and Auth0 instances.

  Release Date: December 19, 2025

We're launching a streamlined Overview Analytics page that gives executives an instant pulse on security posture. At the top, unified KPIs for Protect, Detect, Remediate, and Govern surface repository coverage, incident volume, remediation speed, and identity safeguards—all at a glance.

What does this mean for you?

• Unified KPI Strip: Quick status check across all security dimensions—repository coverage, critical incidents, remediation time, and governance metrics.
• Monitored Perimeter Trends: Visualize how your monitored repository count evolves week over week.
• Top Risky Data Sources: Identify which repositories generate the most critical and high-severity incidents.
• Critical Incident Trajectories: Track how incident volume changes over time to spot emerging risks.
• Most Common Secret Types: Understand which secret categories appear most frequently in your perimeter.
• Closure Progress: Monitor remediation performance including auto-closures and manual resolutions.
• Governance Signals: View vaulted secrets and breached policies for NHI governance insights.

Why is this important?

This view is purpose-built for leadership reviews and status reporting. Use it to:

1. Identify where risk concentrates: Quickly pinpoint which data sources need immediate attention.
2. Measure response speed: Track how fast teams respond to security incidents.
3. Plan coverage expansion: Understand where monitoring should grow next.
4. Demonstrate progress: Show month-over-month / quarter-over-quarter improvements in security posture.

Get started

Navigate to Analytics > Overview to access the new dashboard. Use the KPI strip for a quick status check, then drill into each section to pinpoint hotspots and validate remediation performance.

Learn more about Analytics overview

---

Fixes​

• Risk Score: Removed an empty bullet point that appeared in the risk score explanation when no specific factors were highlighted.
• GitHub Check runs: Fixed an issue where check runs continued to run and block pull requests despite being disabled by property.

  Release date: December 17, 2025

We're excited to introduce risk score — an ML-powered feature available to Business workspaces that helps you focus on the incidents that matter most.

What's new

Each incident now includes a risk score ranging from 0 to 100, where 100 indicates the highest risk and 0 the lowest. The score automatically assesses threat level by analyzing multiple signals including secret type, validity, detection context, and exposure patterns.

Key capabilities:

• Granular prioritization: 0-100 scale for fine-tuned incident triage
• Flexible filtering and sorting: Filter by risk score range and sort by priority in your incidents table
• Updated "Critical" saved view: Now shows incidents with risk score above 80 for immediate focus on highest-priority threats
• Availability: Risk score is available for both Internal Monitoring and Public Monitoring on the Business & Enterprise plans.

Why it matters

The risk score cuts through the noise and helps you focus on critical incidents first. No more asking "where do I start?" or "which incidents are truly important?"—the ML model does the prioritization work for you.

📖 Learn more: How Machine Learning Transforms Security Alert Chaos into Actionable Intelligence

---

Enhancements​

• Detectors: Some detectors are now flagged as non-business and disabled by default for business accounts to reduce noise (related incidents are therefore hidden). Use the new "Recommended for business" filter in detector settings to identify and re-enable them if needed.

  Release Date: December 17, 2025

We're transforming how you interact with generic incidents. Secret Enricher replaces vague detector names with precise, ML-enriched secret identities, making every incident immediately actionable.

What's changed?

Instead of seeing generic detector names like "Generic Database Assignment" or "Generic High Entropy Secret," you now see the actual enriched secret type directly in the incident list:

• ❌ Before: "Generic Database Assignment"

• ✅ Now: "Redis Identifiers", "PostgreSQL Connection String", "MongoDB Credentials"

• ❌ Before: "Generic High Entropy Secret"

• ✅ Now: "Stripe API Key", "AWS Access Key", "Twilio Auth Token"

Why does this matter?

This shift from detector-centric to enrichment-driven incidents fundamentally changes how you understand and prioritize your security posture:

1. Instant Context: Know exactly what type of secret leaked at a glance—no need to open each incident
2. Faster Triage: Immediately identify critical infrastructure secrets (databases, cloud providers, payment systems)
3. Confident Prioritization: Clear secret categories help you focus on high-impact incidents first
4. Accelerated Remediation: Understanding what leaked speeds up the remediation workflow

How it works

Powered by our Secret Enricher v2 machine learning model, the platform analyzes the full context around generic secrets to identify:

• Provider: The specific service (Redis, Stripe, AWS, etc.)
• Category: The type of service (Database, Payment System, Cloud Provider, etc.)
• Family: Broader grouping for filtering and analysis

When our ML model successfully enriches a generic incident, the enriched name automatically becomes the primary display name throughout the platform—in incident lists, dashboards, filters, and reports.

Availability: Business and Enterprise plans.

What's next?

This enhancement brings us closer to our ultimate goal: zero generic secrets in your workspace. By making ML-driven categorization tangible and actionable, we're ensuring every secret detection provides maximum clarity and definition.

The enriched names work seamlessly with all existing Secret Enricher features:

• Category and provider filters
• Customizable columns

Learn more about Secret Enricher

---

Enhancements​

• Incident API: Enhanced incident retrieval endpoints to include enriched secret names in API responses for programmatic access.
• Export Reports: CSV and JSON exports now include both the original detector name and enriched secret name for comprehensive reporting.

Fixes​

• Docker Hub Integration: Fixed an error where users encountered "Input should be 'image' or 'manifest'" when configuring the Docker Hub source connector.

  Release Date: December 12, 2025

We're expanding NHI Governance with powerful new integrations to enhance your identity inventory and security posture.

Highlights

• Expanded Identity Discovery: Discover and enumerate non-human identities tied to Airbyte, Anthropic, N8n, OpenAI, CyberArk Secrets Manager Self Hosted, and Slack.
• Complete Identity Context: Map identities with enriched data including permissions and accessed resources.
• Identity-First View: New inventory interface centered around identities as the core entry point, providing better visibility and control.
• Enhanced Visibility: Gain comprehensive insights into your NHI landscape across those critical platforms.

Get started

• Available to NHI Governance paying customers.
• Navigate to Settings > Integrations > Sources > NHI Governance and connect your Airbyte, Anthropic, N8n, OpenAI, CyberArk Secrets Manager Self Hosted, or Slack workspace.

Additional integrations will be released in the coming weeks: stay tuned for more updates!

---

Enhancements​

• Secret Detection: Added support for secrets analyzers via GitGuardian Bridge.
• Incidents Dashboard: Added a new "Valid" saved view for all accounts.
• Incidents API: Added support for filtering incidents by triggered date in the public API endpoint.
• Public Monitoring: Improved highlighting of company domains and names in patches, now showing all matches rather than just the first occurrence.
• GitLab Integration: Added validation to block system hook integration for non-admin users and implemented health checks to verify admin token status.
• Docker Hub Integration: Updated to support organization namespaces, allowing scanning of images under organization accounts.
• Perimeter: Custom Monitored Perimeter for Container Registries, SharePoint, OneDrive, ServiceNow, and Slack — includes a redesigned interface for viewing, searching, and configuring sources, groups, and repositories with improved performance for large integrations.
• GitLab integration: Empty namespaces are now hidden by default to reduce clutter, with an option to display them when needed.

Fixes​

• Incident Management: Fixed filters not being applied to bulk actions when using "select all".
• Jira Ticketing Integration:
  • Fixed ticket creation failures for custom sources.
  • Resolved issue where Jira notifiers could become blocked in an unhealthy state.
• Perimeter:
  • Removed individual scan button from perimeter page to improve clarity around scan behavior.
  • Never create new scans on a source with scan already in progress.
  • Fixed issue where incremental scans were incorrectly displayed as user-triggered historical scans.
• GitLab Integration:
  • Fixed an issue where GitLab namespaces and projects were incorrectly displayed as "banned" when the instance was actually temporarily detected as unhealthy.
  • Fixed search functionality not working in the entity tree displayed as List view.
• Container Registry Integrations:
  • Source URL now redirects to the Google Artifact Registry repository as expected.
  • Fixed containerrRegistry cache mechanism to ensure content is rescanned when source differs, even with identical digests.
  • Handle blacked out JFrog repositories gracefully.

  Release Date: November 17, 2025

SCIM now supports team provisioning for Okta and Microsoft Entra ID. IdP groups are created as GitGuardian teams and kept in sync, completing end-to-end automation for users and teams.

Highlights

• Automated team creation: IdP groups become teams in GitGuardian.
• Near real-time sync: Group changes propagate to teams quickly.
• Full lifecycle automation: Works alongside user provisioning.
• Less manual work: Fewer errors and no hand-made team management.

Get started

• Available with Okta and Microsoft Entra ID.
• Service account token needs teams:write and members:write.
• Enable in Settings > Authentication and follow your IdP setup.
• See the product documentation for details.

---

Enhancements​

• Dev-in-the-Loop: Added incident ID display and dashboard navigation link for authenticated users on public incident sharing pages, improving investigation workflow.

Fixes​

• Container Registry Integrations: Fixed an issue where the sync task incorrectly unmonitored all repositories when automatic monitoring was disabled.
• Jira Data Center Integration:
  • Fixed an error that occurred when the installation version was not properly set during webhook synchronization.
  • Fixed an issue where historical scans failed with an unknown error for large projects.
• Incident Details: Fixed incorrect "First detected" date display by replacing it with "Detected date" and adding an "Opened for" field to show incident duration.
• Slack Notifications: Fixed incorrect user association and event triggering in Slack notifications.
• Health Check: Improved error differentiation to distinguish between GitGuardian Bridge connectivity issues and source system downtime.

  Release Date: November 7, 2025

Playbooks are now available for public secret incidents, bringing unified automation workflows across your entire security perimeter. This enhancement extends GitGuardian's proven automation capabilities to the Public Monitoring product.

What's new?

You can now automate remediation workflows for public secret incidents. All playbooks (except auto-share public link) now support Public Monitoring, reducing manual work when managing public incidents. The "auto-ignore false positive incidents" is activated by default on the public secret incidents, while the others have to be activated based on your desired workflows.

Why is this important?

Public monitoring can generate high volumes of incidents that require manual review and closure. With playbooks now available for public incidents, you can automatically resolve cases where secrets have been revoked, ignore invalid secrets, filter out false positives, and grant access to involved developers—significantly reducing the manual workload for your security team when managing public incidents.

Get Started Today!

Learn more about configuring playbooks in our documentation, or visit the Playbooks setting page directly.

Enhancements​

• Incident list: Added direct link to source location from the incident list view.
• API: The change_type field for secret occurrences is now exposed via API.

Fixes​

• Microsoft Teams integration: Fixed an issue which prevented to update the Client secret of a Microsoft Teams notifier integration.
• Incident feedback: Fixed a bug where the "Gives access to sensitive data" answer would always be registered as false when posting a feedback on internal incident.

  Release Date: October 28, 2025

We're excited to announce a major enhancement to GitGuardian's visualization capabilities: the improved identity graph with enhanced publicly leaked detection. This transforms how you investigate and understand secret incidents across your entire security perimeter.

What does this mean for you?

Comprehensive Context at a Glance: Our enhanced graph interface now consolidates scattered visualizations into one unified, context-rich view. You'll see critical details like severity levels, source information, and occurrence data directly within the graph, eliminating the need to switch between multiple pages during incident investigation.

Advanced Public Leak Intelligence: Building on our HasMySecretLeaked capabilities, the platform now provides enhanced visibility into three distinct types of public exposure—secrets in monitored public sources, incidents in your public perimeter, and external GitHub locations—all clearly categorized and contextualized within your incident workflows.

Why is this important?

Modern security teams need to understand the full scope of secret exposure across both private and public domains. With secrets often appearing in multiple locations—from internal repositories to external GitHub commits—having a unified view that correlates these incidents is crucial for effective remediation and risk assessment.

Enhanced Public Monitoring Integration

The new "Publicly Leaked" tag unifies previously scattered exposure indicators, providing clear visibility when secrets appear across your monitored sources, public incidents, or external locations discovered through our HasMySecretLeaked database. This integration ensures you have complete visibility into your organization's secret exposure landscape.

Get Started Today!

The enhanced graph views are now available across Internal Monitoring, Public Monitoring, and NHI Governance modules. Navigate to any incident to experience the new unified visualization that brings together comprehensive context, public leak detection, and streamlined investigation workflows in one powerful interface.

Enhancements​

• Incidents: Enhanced display capabilities to show large occurrence patches that previously showed "Diff too long to render".
• Explore (Public Monitoring): Added history tracking for Explore searches and scans.

Fixes​

• GitLab Integration: Fixed a 403 error that could occur during personal access token updates.
• SharePoint Integration: Resolved an issue where health-check operations would fail with error code 9999.

  Release Date: October 25, 2025

We're excited to announce a major enhancement to our Slack integration that brings comprehensive notification coverage for all incident lifecycle events, honeytoken alerts, and public monitoring incidents. This unified notification framework provides complete visibility into your security posture directly in Slack.

What's new?

Complete Incident Lifecycle Coverage: Previously, Slack notifications only covered new incident detections and regression. Now you can receive notifications for every critical event including resolution, assignment, status changes, comments, access control, and sharing - giving you complete visibility into incident management workflows.

Public Monitoring Support: Public monitoring incidents can be sent directly to Slack channels, enabling teams to receive perimeter security alerts alongside internal monitoring alerts.

Honeytoken Alerting: Slack notifications now support honeytoken events, providing immediate alerts for honeytoken activity, previously only available via custom webhooks and email.

Flexible Configuration: Enhanced Slack webhook configuration allows teams to subscribe to specific event types per channel, providing granular control over notification preferences.

Why is this important?

Security teams need real-time visibility into all security events to respond quickly and effectively. This enhancement addresses key customer feedback about missing notification updates for incident resolution and status changes, while extending Slack integration to public monitoring and honeytoken.

Get Started Today!

This enhancement is automatically available for all workspaces. Existing Slack integrations will maintain their current notification settings, while new configurations can be set up with expanded event coverage.

Learn more about Slack integration configuration | Configure honeytoken alerts

Enhancements​

• GitGuardian Bridge: Extended support for GitGuardian Bridge to SaaS EU. Learn more about GG Bridge.
• Public API: Enabled editing of Custom Monitored Perimeter via Public API for all sources (except for custom sources).
• GitLab Integration: Improved performance of the GitLab source selection interface to prevent browser unresponsiveness when searching through large numbers of namespaces, groups, and repositories.

Fixes​

• Perimeter: Fixed an issue where the scan button was not visible for members who are not in the all incidents team.
• SSO: Fixed an issue preventing IDP configuration creation due to missing default SCIM team permissions.
• Sources:
  • Fixed tooltip displaying "unknown error" for failed scans when the actual reason was branch deletion.
  • Resolved JFrog Container Registry health check failure when the first registry contains no repositories.
• Incidents:
  • Fixed an issue where occurrences displayed incorrect commit and file information, ensuring accurate incident tracking data.
  • Fixed an issue where the "Requires code fixing" section failed to load in some condition.

  Release Date: October 17, 2025

We're excited to announce an enhancement to ggshield that will streamline your remediation workflow: secret managers’ information is now available for secrets detected in integrated secrets managers!

What does this mean for you?

Enhanced Remediation Context: Previously, ggshield only indicated whether a secret was present in an integrated vault. Now you get the complete picture with specific vault names and exact paths, enabling faster and more precise remediation decisions.

Streamlined Developer Experience: Developers now receive detailed guidance directly in their CI pipelines and local environments, reducing the time spent investigating where secrets are stored and how to properly remediate them.

Why is this important?

In today's complex infrastructure landscape, secrets are often distributed across multiple vault systems. By providing precise vault location information, we empower development teams to act swiftly and accurately, significantly reducing investigation time and improving security posture across your organization.

Get Started Today!

This enhancement is automatically available in the latest version of ggshield. Update ggshield to 1.42+ to start benefiting from enhanced vault information display in your scanning workflows.

Check out our documentation to learn more.

Enhancements​

• Incidents: Added developer identity display for skipped secrets in GitHub Pull Request security checks, enabling SecOps to track accountability and follow up on security decisions during incident reviews.

Fixes​

• Plan: Fixed an issue where Enterprise plan customers were incorrectly shown as Business plan in the dashboard. The plan display now accurately reflects Enterprise subscriptions.
• Incidents search: Resolved a bug where search filters persisted without visible search text after page navigation, causing user confusion.
• Link to secret in internal source: Fixed an issue where some "View secret" links from historical scan occurrences did not navigate to the exact line in the commit.

  Release Date: October 9, 2025

GitGuardian Bridge creates a secure, encrypted tunnel that connects GitGuardian SaaS to ALL your self-hosted services without compromising network security.

What's new?

GitGuardian Bridge now supports comprehensive integration with any self-hosted service in your private networks - from GitHub Enterprise and GitLab to Jira Data Center, Confluence, Container registry, and custom sources. The setup process has been streamlined with flexible domain mapping that can be configured during bridge creation or later.

Why does this matter?

Modern enterprises run hybrid infrastructures with critical systems in private networks. GitGuardian Bridge solves the fundamental challenge of maintaining complete secret detection coverage across your entire infrastructure without opening firewall holes or exposing internal services to the internet.

Key capabilities:

• Universal compatibility with any self-hosted service
• Feature Parity with our SaaS application, including support for validity checks and secrets analyzers
• Zero network exposure with outbound-only connections
• Enterprise-grade security with mutual TLS authentication
• Simplified deployment with streamlined configuration

GitGuardian Bridge is available for Enterprise plan workspaces. Contact our support team to enable bridge functionality.

Learn more about GitGuardian Bridge

---

Enhancements​

• Generic Secret Enricher v2, GitGuardian's machine learning model for secret categorization, has reached version 2. This update introduces 50 new providers and enhances enrichment by 75% for public data and 50% for internal data, resulting in a 30% increase in categorized incidents. Learn more about Generic Secret Enricher.
• False Positive Remover v2.5: Enhanced detection capabilities with x2 more false positives identified (varies by customer). Better detects false positives in secret identifiers, secret file paths, variable names, and plugin versions. Learn more
• Jira ticketing integrations: Added automatic ticket assignment to incident authors via email matching, improving accountability and faster resolution. Available for both Jira Cloud and Data Center. Learn more
• ML bulk grouping (Early Access): Automatically group similar incidents using machine learning to reduce noise and improve incident management efficiency. This feature intelligently identifies patterns across incidents to streamline your workflow. Learn more

Fixes​

• Weekly Summary Email: Fixed incorrect date ranges displayed in weekly summary emails.
• Jira Integration:
  • Update Jira DC webhook creation to use version-specific endpoints based on the instance version.
  • Fixed admin permission detection for Jira Data Center.
• SharePoint integration: Fixed issue where SharePoint Online tenants appeared as monitored but failed to display nested sites and resources properly.
• Historical Scans: Fixed duplicate information appearing in the historical scan elements column.
• Secret Revocation: Fixed an error that occurred when attempting to revoke secrets for GitHub PAT.

  Release Date: September 30, 2025

We're thrilled to expand our detection coverage with Microsoft Teams Attachment Scanning!

Now, you can ensure comprehensive security by detecting secrets hidden in file attachments shared within Microsoft Teams.

Why This Matters?

• Enhanced Security: Automatically scan attachments for secrets, closing critical security gaps.
• Seamless Integration: No extra setup required, works effortlessly with your existing GitGuardian setup.
• No Extra Cost: Included in your current GitGuardian subscription.

Historical Scanning Consideration:

To cover your debt in file attachments shared in past messages, access your perimeter, manually select sources you want to cover, and scan them.

Get Started Today: Secure your Teams environment and protect your sensitive data now!
Check out our documentation to learn more.

---

Fixes​

• GitGuardian Bridge: Resolved an issue where a custom CA configured on the Bridge was applied to all integration endpoints, causing failures for services using public CAs.

  Release Date: September 26, 2025

Public Monitoring's new Explore feature enables you to proactively discover secrets related to your organization that may have been leaked beyond your defined perimeter. This powerful enhancement helps you find exposures in public GitHub repositories that the perimeter-based monitoring might miss.

Explore is available exclusively for Public Monitoring customers. Contact us for availability and pricing information.

How it works:

• Company-focused search: Use targeted queries to find commits containing your domains, service names, or internal system references
• Secret detection: Scan search results using GitGuardian's detection engine
• Incident creation: Convert discovered secrets into public secret incidents
• Automated monitoring: Schedule searches for your organizational assets with automatic incident creation

Why it matters: Your secrets can leak outside your direct control - in personal repositories, contractor projects, or third-party integrations. Explore helps you discover these organizational exposures by searching for your company's specific digital footprint: domains, email patterns, service names, and infrastructure references.

Get started today: Public Monitoring customers can navigate to Public Monitoring > Explore and use the built-in search tailored for organizational security monitoring.

Learn more on Explore.

---

Enhancements​

• Public Monitoring perimeter: Added CSV export functionality to download the list of developers.
• Secret detail: Base64 Basic Authentication token incidents now show the decoded username and password in the secret information.
• New Ignore reason: Added "Invalid Secret" as a reason when ignoring incidents where the secret was already invalid at detection time and requires no remediation.

  Release Date: September 23, 2025

We're thrilled to introduce Secret Revocation directly from the GitGuardian platform for supported providers, including GitHub, GitLab, and OpenAI. This enhancement is designed to accelerate your incident response process, reducing manual efforts and enabling you to quickly prevent attackers from leveraging your compromised secrets.

How it works:

• Quickly identify revocable secrets: Using the newly introduced Revocable by GitGuardian Tag.
• Access Controls: Requires full-access permissions on the incidents.
• Instant Revocation: Revoke secrets immediately using the call-to-acttion from the incident detail view.
• Safety First: Includes a confirmation step to prevent accidental revocations.
• Closing the incident loop: Automatically resolves incidents when valid secrets are revoked.
• Comprehensive Audit Trail: Every revocation activities are tracked and logged within the incident timeline for compliance and auditing purposes.

Assess the impact first:

To prevent operational disruption, always assess the impact of a revocation first. GitGuardian provides the context you need to evaluate the risk, including identifying which workloads depend on the credential, so you can act confidently.

Why it matters:

Manual secret revocation is traditionally slow and complex, as it often involves different teams. This delays the incident response and increases the security risk compromised secrets pose. This integrated revocation feature significantly shortens secret exposure times and expedites incident response workflows, especially once the investigation confirms secret shall be revoked.

Learn more about revocation.

---

Enhancements​

• Public API: Added Container Registries endpoints to the public API documentation.
• Pattern Exclusion: Improved performance and memory usage when checking the impact of secret pattern exclusions.

Fixes​

• Container Registries Integrations: Fixed authentication error with Google Artifact Registry that was causing scan failures.
• Explore: Fixed incorrect secret count display in scan results to ensure consistency with actual detected secrets.

  Release Date: September 17, 2025

We're excited to introduce AI Filters - use natural language to navigate through Incidents, Perimeter, and Audit Logs. Finding what you need has never been easier.

What it does:

• Type queries in plain English (e.g., "Show me critical incidents from last week")
• AI automatically converts your request into the appropriate filters
• Works alongside your existing filter settings
• Save AI-generated filters as views for team sharing

Available in: Incidents, Perimeter, and Audit Logs

Look for the AI input field in your filter bars to get started! Learn more about AI filters.

---

Enhancements​

• Confluence Cloud Integration: Enhanced Confluence Cloud secret scanning to work with outbound-only network connections through OAuth2 authentication, eliminating the need for inbound access previously required by Connect app installations. This improvement enables organizations with strict network policies to securely scan their Confluence Cloud content using historical scanning capabilities. Learn more
• GitHub Check Runs: Added option to include public share links in check runs, enabling developers outside your workspace to access and resolve incident details directly from pull requests without requiring GitGuardian dashboard access. Learn more
• Security: Added Content Security Policy (CSP) headers to improve browser security.

Fixes​

• Remediation tracking: Disabled file tracking for non-default branches. Learn more
• Perimeter:
  • Fixed "invalid time value" error when applying filters with running bulk scans.
  • Fixed scan bar and buttons visibility for team members not in the global team.
• Notifications:
  • Fixed Honeytoken events to only appear in "All incidents" team notifications instead of all teams.
  • Fixed custom webhook URL validation to properly handle escaped URLs.
• Integrations:
  • Fixed installation validation blocking customers from setting up on-prem JFrog Docker registry integration.
  • Fixed direct URL display in occurrences for older Confluence Data Center versions.

  Release Date: August 20, 2025

We're thrilled to announce a feature that will significantly enhance your investigation: Context Previews are now available for Secret Leaks in non-VCS sources like SharePoint, OneDrive, Slack, and Confluence!

What does this mean for you?

• Immediate Context Visibility: Instantly view the surrounding content where secrets were detected, directly within GitGuardian incidents. No more switching between systems!
• Accelerated Investigation: Reduce investigation time by up to 75% with quick access to contextual information, enabling faster, more informed remediation decisions.

Why is this important?

In today's fast-paced digital landscape, efficient incident response is crucial. By providing immediate context, this feature empowers you to act swiftly and accurately, minimizing potential risks and enhancing your organization's security posture.

Get Started Today!

Context previews are now automatically available by default for all non-VCS incidents on your workspace.
Get in touch with our Support team if you want this feature disabled.

---

Enhancements​

• User management: Managers can allow users with the "Can view" incident permission to comment and provide feedback, improving collaboration without granting edit rights. Learn more

Fixes​

• Analytics: Fixed timezone handling issues in the new Analytics dashboard that caused incorrect data display for users in different time zones.
• Token Management: Removed the unnecessary service account token link from the personal access token page for members.

  Release Date: August 13, 2025

We're excited to announce the launch of Bring Your Own Sources, a powerful new feature that allows you to extend GitGuardian's secret detection capabilities to any data source, whether it's CI logs, legacy systems, local filesystems, or SFTP servers. This feature empowers you to seamlessly integrate custom sources into your existing security monitoring workflow.

Why You'll Love It:

• Infinite Flexibility: Scan any source, regardless of native integration support, and manage incidents directly in the GitGuardian dashboard.
• Comprehensive Coverage: Eliminate detection gaps and ensure comprehensive coverage across all your environments, especially those highly isolated.
• Seamless Integration: Integrate sources within minutes, incidents automatically appear in the GitGuardian interface.

How It Works:

• Declare a Custom Integration: Use the GitGuardian dashboard to create a custom source and receive a unique ID.
• Scan Your Data: Use ggshield, custom script or any automation tool to scan content from your custom sources.
• Manage Incidents: View and manage all findings in the GitGuardian dashboard with full filtering and incident management capabilities.

It's Future-Proof:

We're planning enhancements in the coming months, like multi-source support per integration and larger file limits.
We'd love to hear from you: Let us know how it solved your challenges or how we can improve to help you solve them!

Get Started Today!

• Look into our documentation to help you get started.
• Or dive into our Blog Post Series to start securing your custom sources with GitGuardian!

---

Enhancements​

• VCS Integrations: Added option to disable automatic repository monitoring when adding new VCS integrations, providing more control over your monitored perimeter.
• Bitbucket Cloud Integration: Updated authentication to support API tokens as Atlassian discontinues app passwords, ensuring continued integration functionality.

Fixes​

• Email Notifications: Fixed an issue where integration health check emails were sent without respecting user email notification preferences.
• Confluence Data Center Integration: Resolved an issue where private spaces were not being retrieved during integration setup.

  Release Date: August 1, 2025

For customers with Public Monitoring enabled, we're excited to announce the release of dedicated API endpoints, enabling programmatic access to manage Public Monitoring findings.

What's new?

We've introduced new endpoints that allow you to:

• Manage and interact with public secret incidents
• List public perimeter developers information The new endpoints maintain consistency with our internal incidents API structure, ensuring a familiar experience for existing API users.

Why does this matter?

With these new API endpoints, you can:

• Integrate GitGuardian's public monitoring capabilities directly into your existing security tools
• Create automated workflows to handle incidents more efficiently
• Reduce response time by eliminating manual platform interactions

Check our API documentation to get started.

---

Fixes​

• Incident permissions: Fixed an issue where assignees with "can view" permissions would be hidden from the incident's UI.
• Slack integration: Fixed an issue where duplicate secret occurrences were created when thread replies were posted to channels in Slack.
• JFrog Artifactory integration:
  • Fixed an error in repository last update date retrieval during recurrent scans.
  • Improved error handling and diagnostics for health check connectivity issues.

  Release Date: July 28, 2025

We’re excited to announce a powerful enhancement to your incident management experience, designed to help you focus on what matters: we are introducing a new playbook: Automatically Ignore Invalid Incidents.

What's new?

This new playbook will automatically ignore incidents where the detected secret has been confirmed invalid and revoked, even for those that have never been valid. With this new capability, your team can immediately focus on genuine, actionable threats without being distracted by unnecessary noise from already-resolved issues.

Why This Matters?

By automatically clearing these known invalid incidents, you'll save valuable time, reduce alert fatigue, and maintain a clear focus on critical security issues that require your attention.

Important Note

This playbook is designed for incidents from standard detectors and will not impact those related to detectors with a custom host.

You Stay in Control

The playbook will be enabled by default, but you can opt out at any time if it doesn’t fit your needs. All incidents will remain accessible in your workspace for review.

Documentation

---

Fixes​

• Incidents Management: Resolved a regression where secrets detected on deletion lines could reopen incidents. Deletion lines are no longer scanned for secrets, as per the expected "Scan only addition line" behavior.

  Release Date: July 25, 2025

We're excited to announce the integration of Public Monitoring directly into the GitGuardian platform, bringing all your security modules under one unified, powerful experience. This consolidation streamlines workflows and creates powerful synergies for comprehensive secrets and NHI security.

Public Monitoring continuously scans public GitHub to detect exposed secrets related to your organization and developers. This proactive monitoring helps you identify and remediate security risks before they can be exploited by malicious actors, extending your security coverage beyond your direct control.

The solution offers:

• Proactive risk detection: Identify exposed secrets as early as possible by scanning your defined public perimeter
• Contextual intelligence: Understand the scope and severity of each incident with detailed investigation context
• Unified incident management: Leverage the same powerful incident management capabilities across both public and internal monitoring
• Enhanced cross-module insights: Benefit from integrated correlation with Internal Monitoring and NHI Governance, including exploration maps that show how publicly exposed secrets relate to your internal incidents, vaulted secrets or infrastructure usage

Public Monitoring is a module that requires a specific license. Contact us for availability and pricing information.

Learn more:

• Product Overview
• Documentation
• GitGuardian NHI & Secret Security video presentation

---

Enhancements​

• Custom webhooks: Enhanced webhook configuration with more granular event selection and support for Public Monitoring incident events (available to teams with Public Monitoring access). See the updated documentation.

  Release Date: July 23, 2025

We're excited to announce a major update to Internal Monitoring: comprehensive analytics dashboards that empower you to monitor, investigate, and improve your organization's security posture across four key dimensions—Protect, Detect, Remediate, and Prevent.

Get answers to your most important security questions with new, interactive charts and tables:

Are your code repositories fully monitored for secrets? See the Count of sources chart to track the percentage of monitored repositories over time.

Which types of secrets are most frequently detected in your codebase? Explore the Most detected secrets chart to identify the most common secret types found.

Which teams and sources are most at risk for secret leaks? Check the Top teams by incident count and Top sources by incident count tables to pinpoint where incidents originate.

Is your team resolving security incidents quickly enough? Review the Median time to remediate chart to monitor how fast incidents are being resolved.

How effective are your secret prevention tools in stopping leaks before they happen? Analyze the Total count of incidents avoided by GGShield and GGShield scans over time charts to measure prevention and adoption.

With these new analytics, you can:

• Visualize monitoring coverage and trends
• Identify the most common and riskiest secrets
• Track incident detection and remediation performance
• Measure the impact of prevention tools like GGShield
• Drill down by team, source, and severity for targeted action

Start exploring the new dashboards today to drive smarter, data-driven security decisions!

Read documentation

---

Enhancements​

• GitLab integration: Configuration of multiple GitLab integrations using both system hooks and group hooks simultaneously is now supported

  Release Date: July 21, 2025

We're thrilled to unveil Quick access, a powerful new feature designed to streamline your navigation and boost productivity within the GitGuardian platform.

It offers a unified search interface that allows you to swiftly access different parts of the application, search documentation — all from one convenient location.

Why you'll love it:

Quick access is designed to make your experience with GitGuardian smoother and more efficient:

• Faster navigation: Reduce time spent navigating through complex menu structures.
• Context-aware results: Search results adapt based on your current location and permissions.
• Enhanced productivity: Spend less time searching and more time doing.

How to use:

• Access: Use Ctrl+K (or Cmd+K on Mac) to open it from anywhere in the platform.
• Search: Type your query to find pages, documentation.
• Navigate: Use arrow keys to browse results and press Enter to select.

Try it out today and let us know what you think! Check out our documentation to learn more!

---

Enhancements​

• Public API: Custom Tags (custom_tags) query parameters have been documented as part of the API documentation.

Fixes​

• User Management: Ensure SCIM user provisioning matches emails case-insensitively to prevent duplicate or mismatched user entries.

  Release Date: July 7, 2025

Following the introduction of the historical scanning for Confluence Data Center, we’ve kept the pace with the support of that capability for Jira Data Center!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

• Identify and remediate old, forgotten leaks that may still pose a security risk.
• Reach a comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
• Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our Jira Data Center documentation to see how to use this feature now!

---

Fixes​

• Email Notifications: Improved email delivery logic for Microsoft Teams integrations to prevent excessive notification sending during periodic scans.

  Release Date: June 30, 2025

We’re excited to announce a significant enhancement to our secret detection capabilities for Confluence Data Center: historical scanning is now available!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

• Identify and remediate old, forgotten leaks that may still pose a security risk.
• Reach a comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
• Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our Confluence Data Center documentation to see how to use this feature now!

---

Enhancements​

• Jira Data Center Integration: Enhanced Jira Data Center incident creation to include leaker email addresses for historical comments occurrences.

Fixes​

• GitHub Integration: Fixed an issue where dangling GitHub installations were being unnecessarily checked when no installations were present.

  Release Date: June 26, 2025

In the era of agentic AI, safeguarding your organization's knowledge database is more crucial than ever.

We're excited to announce that GitGuardian now supports secrets scanning for Microsoft SharePoint and OneDrive, empowering you to protect sensitive information from inherent breaches and mitigate risks effectively.

What does this mean for you?

• Comprehensive Security: Automatically detect and remediate exposed secrets in your SharePoint and OneDrive files, ensuring your data remains secure.
• Proactive Protection: Identify and address potential vulnerabilities before they can be exploited or ingested by your LLM providers or internal AI agents.
• Seamless Integration: Easily incorporate this new scanning capability into your existing GitGuardian setup for a unified security approach.

Why is this important?

As AI continues to evolve, the potential for breaches increases. By securing your organization's knowledge base, you can prevent the ingestion of compromised secrets by LLMs or internal AI Agents, ultimately preventing your secrets from falling into the wrong hands. With GitGuardian's new scanning capabilities, you can confidently navigate the digital landscape, knowing your secrets are safe.

Secure your collaboration. Protect your business.

Simply connect your Microsoft Teams instance and let our enhanced detection engine do the rest. Our solution will automatically scan both ongoing and historical SharePoint Online and OneDrive content, surfacing any hardcoded secrets for prompt remediation.

Check out our documentation to get started now!

  Release Date: June 19, 2025

The GitGuardian MCP (Model Context Protocol) Server is now available on GitHub. This integration brings GitGuardian's security capabilities directly into your AI-powered development environment, supporting Cursor, Windsurf, and any IDE implementing the Model Context Protocol.

The MCP Server enables your AI agent to read and analyze security incidents, generate honeytokens, and perform automated remediation tasks—all without leaving your development workflow.

Key Benefits

1. Eliminate Context Switching: Access security scanning and incident management directly within your AI IDE without switching to GitGuardian dashboards.
2. Real-Time Security Feedback: Catch security issues immediately during development, before they enter your codebase.
3. Enhanced Developer Autonomy: Empower developers to manage security posture independently with direct access to GitGuardian's tools.

Getting Started

For Cursor users: Click the button to install the GitGuardian MCP Server directly in your IDE.

For other IDEs: Follow our setup instructions to integrate the MCP Server into your environment.

Documentation: Read the full GitGuardian MCP Server documentation for detailed setup, tool reference, and security information.

---

Enhancements​

• Custom Tags API: Enhanced the custom tags filter in the public API to support filtering by key/value pairs in addition to IDs, improving search flexibility for better incident management. Learn more.
• Teams: Optimized the /teams API endpoint to reduce loading times for workspaces with large team structures.
• Playbook: "Auto-resolve secrets incidents when valid secrets are revoked" playbook is officially activated for all accounts. Learn about Playbooks
• Custom remediation: Added dynamic links to custom remediation pages, providing users with seamless access to relevant documentation and revocation support.

Fixes​

• Emails: Resolved an issue where email alerts were being sent to inactive workspace members.
• Custom Tags:
  • Resolved pagination issues in the custom_tags endpoint that were causing incorrect next page URLs.
  • Fixed an issue where assigning tags to selected filtered issues was incorrectly applying tags to all issues instead of only the selected ones.
• GitLab: Improve permission checking for GitLab group integrations to properly handle inherited permissions from parent groups.
• Azure DevOps Integration: Improved token handling to prevent unnecessary revocation of Azure DevOps installations due to intermittent 401 errors.
• Secret analyzer: Improved behavior to ensure secret analyzer is properly disabled when validity checking is turned off.

  Release Date: May 23, 2025

GitGuardian is excited to announce a new API endpoint /v1/secrets/{secret_id}, allowing users to securely access secret values directly through our API.

This feature introduces several key benefits:

1. Enhanced Security Automation - Integrate secret remediation into existing security workflows and tools with secure API access to secret values.
2. Reduced Manual Intervention - Eliminate the need to manually copy secrets from the UI, saving time and reducing human error.
3. Comprehensive Security Controls - Multiple security layers (PAT permissions, workspace settings, IP allowlisting) ensure secrets are accessed only by authorized users.
4. Complete Secret Context - Receive both the secret value and detector information in a single API call for efficient remediation.

Read more in the documentation

  Release Date: May 21, 2025

SCIM (System for Cross-domain Identity Management) integration now supports both automatic user provisioning and deprovisioning in GitGuardian. When users are added or removed from your Identity Provider (IdP)—such as Okta or Microsoft Entra ID—they are automatically created or deactivated in your GitGuardian workspace.

Now, all your developers can be automatically onboarded to GitGuardian and are ready to handle security incidents as soon as they are added to your IdP. This means you can fully automate the onboarding and offboarding of users, directly from your IdP, ensuring your entire development team is always prepared to respond to incidents.

Why is this important?

• Streamlined onboarding: New users are automatically provisioned in GitGuardian as soon as they are added to your IdP—no more manual invites or user creation.
• Automated offboarding: When a user is removed or deactivated in your IdP, their access to GitGuardian is automatically revoked, reducing security risks.
• Real-time synchronization: User changes in your IdP are reflected in GitGuardian almost instantly, ensuring your workspace always stays up to date.
• Improved compliance: Automated user lifecycle management helps you meet security and compliance requirements by ensuring only authorized users have access.
• Reduced manual work: Save time and reduce errors by eliminating manual user management tasks.

Note: Team provisioning via SCIM is not yet available, but is planned for a future update.

How to get started?

• SCIM is available for workspaces using Okta or Microsoft Entra ID as their IdP.
• To enable SCIM, go to your workspace Settings > Authentication and follow the setup instructions for your IdP.
• For detailed configuration steps and best practices, check out our product documentation.

---

Enhancements​

• Emails: Included the number of incidents to both weekly digest and historical scan emails subject line
• Jira Data Center Issue Tracking Integration: Creating Jira tickets now only requires regular user permissions. Administrator privileges on the Jira Data Center site are only needed when setting up the two-way synchronization (Auto-resolve feature).

Fixes​

• GitLab Integrations: Resolved a problem where system hook checks returned a 403 forbidden error when using a read-only token.
• Dashboard: Resolved an issue where a toast message displayed "unknown error" in certain situations.
• Historical Scan: Resolved an issue where scans of empty GitHub repositories were incorrectly marked as failed.
• API: Resolved an issue where deleted sources were incorrectly displayed as monitored.

  Release Date: May 5, 2025

We’re pleased to introduce hardcoded secret detection for Microsoft Teams!

What’s new?

Our platform now scans Microsoft Teams messages for hardcoded secrets—such as API keys, credentials, and tokens—across both new activity and historical content. This means you can instantly identify and remediate exposed secrets, whether they were just shared or left unnoticed in your Teams environment.

Why is this important?

Once a secret is leaked, it remains a security risk until addressed—regardless of when it was exposed. By providing both real-time and historical scanning, we offer:

• Comprehensive coverage: Instantly detect newly introduced secrets and uncover old leaks hiding in past conversations or shared files.
• Proactive risk management: Take swift action to rotate, revoke, or investigate secrets, minimizing the window of exposure.
• Complete peace of mind: Ensure your Teams environment is continuously monitored and secured against secret sprawl.

Secure your collaboration. Protect your business.

Simply connect your Microsoft Teams instance and let our enhanced detection engine do the rest. Our solution will automatically scan both ongoing and historical Teams content, surfacing any hardcoded secrets for prompt remediation.

Check out our documentation to start protecting your MS Teams communications!

---

Enhancements​

• Emails: Included the number of incidents to both weekly digest and historical scan emails subject line.

  Release Date: May 2, 2025

With this new feature, users can create fully customized views of their incidents, displaying specific properties and exploring their security data in an entirely new way.

---

This customization capability offers two key advantages:

1. Leverage the Generic Secret Enricher model (read release page) - You can now explore and prioritize generic incidents more effectively by visualizing the AI-classified secret categories and providers
2. Harness extensive incident context - Access the rich contextual data we provide for each incident, which is essential for efficient prioritization efforts

Context is critical for effective remediation. CyberSecurity is fundamentally a data business, and by collecting and presenting the richest, most structured context possible, we enable you to filter, sort, and prioritize incidents effectively and make informed decisions.

Read more in the documentation

  Release Date: April 29, 2025

We’re excited to announce a significant enhancement to our secret detection capabilities for Jira and Confluence Cloud: historical scanning is now available!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

• Identify and remediate old, forgotten leaks that may still pose a security risk.
• Reach a comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
• Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our documentation to enable the feature now:

• Jira Cloud
• Confluence Cloud

---

Enhancements​

• API: Introduced a new endpoint GET to the Public API, allowing users to retrieve invitation details.

Fixes​

• ServiceNow Integration: Redirects to the proper URL when checking hardcoded secrets in ServiceNow sources.

  Release Date: April 23, 2025

We're proud to introduce NHI Governance our brand new solution designed to help you manage and secure your Non-Human Identities (NHIs) and related secrets.

As organizations face exponential growth in machine identities, NHI Governance delivers a comprehensive observability and lifecycle management across all your environments. Integrating with leading secrets managers and other sources from your infrastructure, such as CI/CD pipelines or Kubernetes Clusters, it centralizes inventory, helps you assess your posture, and enforces security policies.

The solution offers:

• Deep contextual insights, mapping relationships between secrets, their consumers, and resources, drastically reducing incident response times.
• Advanced analytics helps you identify risks like overprivileged NHIs and track hygiene metrics.
• Policy enforcement aligns your posture with standards such as the OWASP NHI Top 10.

NHI Governance empowers you to regain control over your NHIs and tied secrets, reduce risk, accelerate compliance tasks, and improve hygiene by addressing orphaned, untracked, or overprivileged credentials.

Ready to start your journey towards safer secrets management? Request access to GitGuardian NHI Governance by contacting your Sales Representative or Customer Success Manager.

Learn more:

• Product Overview
• Documentation
• Blog Post

---

Enhancements​

• Jira Configuration: Introduced a new layout for the Jira Configuration form to enhance user experience and streamline configuration tasks.
• Navigation Improvements:
  • Added persistent section state to remember your navigation preferences and updated browser tab titles for better identification when managing multiple tabs.
  • Added a "Skip to Main Content" button for better accessibility. When using keyboard navigation, pressing the Tab key reveals the button, which allows users to bypass navigation menus and jump directly to the main content area.
• Invitation: Added GET /v1/invitations/{invitation_id} endpoint to retrieve invitation details through the Public API.

Fixes​

• GitLab Integration: Resolved an issue where system hook checks returned a 403 forbidden error when using a read-only token.

  Release Date: April 14, 2025

We're excited to announce Secrets Analyzer, a new enhancement to our secrets detection capabilities.

Secrets Analyzer automatically gathers additional context for detected secrets, including their associated scopes, permissions, ownership, and relevant perimeter information where available.

This added intelligence helps security teams:

• Evaluate the potential impact of a secret incident more accurately.
• Prioritize remediation efforts based on risk level.
• Streamline the overall incident response process.

For details on how each analyzer works, including metadata collected and validation calls:

• Explore the Secret Analyzers documentation.
• View the full list of Available Analyzers.
• See a specific example for the Jira Token Secret Analyzer.

---

Enhancements​

• Incidents: Added a new filter to improve incident categorization based on the presence or absence of Jira Data Center tickets.
• Custom Tags: Users can now create custom tags directly from search queries in the dashboard.
• Custom webhook: Add the team name and webhook name to the custom webhook payload for incidents and occurrences. Learn more.

Fixes​

• GitLab Integration:
  • Fixed an issue where multiple emails were sent for failures in multiple group hooks on the same GitLab instance, ensuring only one email is sent per instance.
  • We improved the process for read-only token installations by automatically detecting and updating the webhook ID if the webhook was created manually.
  • Fixed unnecessary scans triggered by webhooks related to unmonitored repositories.
• Incidents: Fixed a bug that could cause unnecessary data refresh on the incidents list when switching browser tabs.

  Release Date: March 24, 2025

Take control of incident management with custom tags. This feature allows you to categorize, filter, and search incidents using customized labels, offering greater flexibility in tracking and prioritizing incidents, and improving remediation workflows.

For developers, you can interact with custom tags via the API. For more information, visit the API documentation.

For more details on how to use custom tags within the GitGuardian platform, check out our detailed guide.

---

Enhancements​

You now have two options for receiving incident email notifications: "All incidents" (default) or "Only incidents involving yourself (based on your Git commit email)", learn more about email preferences.

  Release Date: March 19, 2025

We are excited to introduce Secret detection for Container Registries, including:

• Azure Container Registry
• Amazon Elastic Container Registry
• Google Artifact Registry
• JFrog Container Registry
• DockerHub

Secrets often end up in container images due to common mistakes during development and image creation, mainly:

• Hardcoding Secrets in Code: Developers may directly embed sensitive credentials, such as API keys or passwords, into application code, which gets packaged into container images.
• Misconfigured Dockerfiles: Commands like ENV or RUN in Dockerfiles can inadvertently expose sensitive data during the build process.

By identifying and addressing hardcoded credentials early in the development pipeline, this feature significantly minimizes the risk of security breaches, helping you prevent the unintended exposure of sensitive information before it even reaches production.

Check out our Blog Post to learn more and our documentation to enable the feature now:

• Amazon ECR
• Azure Container Registry
• Docker Hub
• Google Artifact Registry
• JFrog Container Registry

---

Fixes​

• Jira Cloud Issue Tracking Integration: Fixed an issue where Jira project keys were incorrectly changed during synchronization.

  Release Date: March 10, 2025

We are excited to unveil the "Generic Secret Enricher V1", a machine learning model designed to enhance our capabilities in generic secret detection. This innovative model analyzes the entire context of a document, identifying the company and category associated with a secret, thereby providing meaningful insights to help users understand the origin and type of a discovered secret.

New Features​

• Contextual Analysis: Upon detection of a generic secret, our platform analyzes the full document context to determine the associated provider or category of a secret.

• Efficient Classification: This feature reduces the need for manual classification, enabling users to quickly comprehend the source and nature of a discovered generic secret.

• New Filters: We've introduced three new filters - Provider, Category, Family - to help identify critical generic incidents. To use these, filter your incidents by the "Generic" type, then apply a combination of these filters.

Goals​

Our long-term goal is to provide you with actionable insights, prioritize their generic incidents, and improve their remediation efforts.

Usage​

To use the new filters, simply filter your incidents by the "Generic" type, then apply a combination of the Provider, Category, and Family filters. This will help you identify the most significant or critical generic incidents, such as those classified under "Data Storage" or linked to the provider "Postgresql".

Fixes​

• Jira Cloud Issue Tracking Integration: Resolved an issue where integration entered an invalid state after being uninstalled.
• Microsoft Teams Alerts for Security Incidents: Resolved an issue where the wrong team was displayed during configuration.

  Release Date: February 28, 2025

GitGuardian now integrates with AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, Google Secret Manager, Delinea, and Akeyless through ggscout, letting you sync secret incidents with your Secrets Managers—without exposing sensitive data.

What’s in it for you?

• Prioritize Faster – Instantly see which secrets are already vaulted and focus on real risks.
• Remediate Quicker – Vault unprotected secrets in a click and speed up fixes.
• Streamline Workflows – Leverage vaulted secrets insights directly in GitGuardian.
• Improve Secrets Hygiene – Spot duplicate, weak, or mismanaged secrets with ggscout.
• Simplify Vault Consolidation – Track migrations, filter secrets, and purge outdated ones effortlessly.

  Release Date: February 27, 2025

You can now manage email notification settings more effectively with an option that allow updates through the API, and customize account-level defaults, ensuring a more tailored communication experience for all members. Learn more

---

Enhancements​

• Jira Issue Tracking Integration:
  • Added Incident ID as an optional variable in Jira ticket templates for improved customization.
  • Enabled instant ticket creation in Jira without requiring a predefined template.

Fixes​

• Users & Teams:
  • Incidents: Resolved an issue where restricted users could not view the Vulnerable Sources block.

  Release Date: February 11, 2025

GitGuardian allows you to monitor secret leaks across thousands of your repositories and over 30 different types of sources. It is reassuring to know that this critical secret, which provides access to your corporate LDAP, has not been detected anywhere.

---

Enhancements​

• Scan Only Addition Lines in Commits: Now, when using ggshield or our check runs integration, we only scan for added lines in commits. Developers will no longer be blocked while remediating incidents.
• Jira Issue Tracking Integration: Added support for "Numbers (or float)" and "Group Pickers (single group)" custom fields in Jira templates, allowing more customization in notifications and issue tracking.

Fixes​

• GitLab Integration: Resolved an issue where GitLab installations were incorrectly revoked due to temporary plan downgrades or admin status changes.
• Confluence Cloud Integration: Fixed an issue where some Confluence Cloud events without a spaceKey were incorrectly ignored.
• Incidents: Resolved an issue where restricted users could not view the Vulnerable Sources block.
• Teams Management: Resolved an issue where action menus were not displayed in the teammates table for non-admin users in certain cases.
• Email Notifications: Fixed an issue where emails for ignored and valid incidents were sent to all teams a user belongs to, instead of only the teams managing the affected repository.

  Release Date: January 28, 2025

ServiceNow is now supported for secrets detection and honeytoken detection, enabling automated tracking of security incidents. Learn more

---

Enhancements​

• Jira Data Center Integration: Added support for "User Picker (single user)" custom fields in Jira templates for improved issue tracking. Learn more

Fixes​

• GitLab Integration: Improved support for instances with over 50,000 GitLab projects, enabling better visibility in integration settings.
• Azure Repos Integration: Fixed an issue where organization deletions were not properly synced when using ADO installations in Organization-mode.
• PagerDuty Alerts for Security Incidents: Resolved an issue that prevented real-time alerts from being sent.

  Release Date: January 13, 2025

Bitbucket Cloud Scanning​

Secure your Bitbucket Cloud repositories with secrets detection powered by GitGuardian.

• Detect exposed credentials and secrets in real-time.
• Gain visibility into security incidents directly in your dashboard.
  Learn more

Microsoft Teams Security Alerts​

Never miss a critical security event with real-time GitGuardian alerts in Microsoft Teams.

• Instant notifications when security incidents occur.
• Direct links to investigate issues inside GitGuardian.
  Learn more

Jira Data Center Auto-Tracking for Security Incidents​

Streamline incident response with Jira Data Center integration.

• Auto-create Jira issues when new incidents are detected.
• Sync custom fields for better tracking.
• Auto-resolve incidents when Jira issues are closed.
  Learn more

---

Fixes​

• User Management: Fixed an issue preventing user deletion when associated with saved views.
• Azure Repos Sync: Improved detection and syncing of deleted organizations when using all-org access tokens.

Browse all past GitGuardian SaaS releases, feature updates, and hotfixes below.

December 23, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.129:
  • Added 1 detector:
    • GitLab OAuth Application Token
  • Modified 4 detectors:
    • Base64 Generic High Entropy Secret
    • GitGuardian Test Token Checked
    • MSSQL Credentials
    • Zendesk Token

Bug fixes​

• Check runs: Updated messages to note flagged secrets lack commit references and remain compromised once leaked.
• Validity check: Fixed an issue where the tooltip incorrectly indicated a token was valid for all endpoints when it was valid for only one.
• Jira issue tracking: Fixed issue where line feeds (\n) were not properly translated to hardBreak nodes, ensuring correct spacing in Jira tickets.

December 12, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.128:
  • Added 4 detectors:
    • Jenkins API token
    • chpasswd Username Password
    • Nessus Agent Key
    • Statsig Server Secret Key
  • Modified 1 detector:
    • FTP credentials assignment

Platform​

• Navigation: The menu has been redesigned with a collapsible left sidebar for a cleaner, more organized experience.
• VCS integration: Workspace Managers can now disable automatic repository monitoring in GitGuardian, giving you more control when adding new repositories to your perimeter. For an example, see GitHub integration.

Bug fixes​

• Health Check: Fixed issue where health checks were run for all GitHub installations. Now only the first installation is checked.

December 5, 2024​

Secrets Detection​

• Check runs: Business workspaces now have the option to improve their code security by enabling GitGuardian check runs on their GitHub forked repositories. Learn more here.
• Secret pattern exclusion: This feature allows users to define patterns and therefore hide any secret matching the pattern defined. Secret pattern can be applied to all repositories or a defined set of repositories. It provides greater control over exclusion rules, allowing for more precise management of incidents. Learn more.

Platform​

• User management: SCIM integration allows user deprovisioning in GitGuardian based on changes in your Identity Provider (IdP). User accounts can be automatically deactivated or deleted when removed from your IdP. User and team provisioning will be supported in a future update. For setup details, refer to our documentation.
• Jira Cloud Issue tracking integration: Introduced a template selection dropdown for manual ticket creation.

Bug fixes​

• Performance: Fixed an issue that occasionally caused "504 Gateway Timeout" errors when retrieving memberships.

November 18, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.126:
  • Added 4 detectors:
    • X-API-Key Secret
    • Azure Functions App Key Header
    • Azure Functions App Key Query Parameter

Platform​

• API: A new parameter, send_email: true|false, is now available on endpoints that trigger an email notification, such as when an invitation is created. This allows you to determine whether an email should be sent when using these endpoints. By default, if the parameter is not specified, the email will be sent.
• Health Check: Distribute health checks over time rather than executing them simultaneously. This reduces system load, avoids bottlenecks, and enhances monitoring accuracy.
• GitLab integration: Give the ability to configure an instance-level GitLab integration using a read-only admin token. However, since the token lacks permissions for creating system hooks, manual setup is required. Learn more.

Bug fixes​

• Historical Scans:
  • Fixed UI count on the perimeter page so that "sources successful" now shows the total count of monitored sources, regardless of failed or unscanned sources.
  • Standardized the date format for start and end dates in the status tooltip.
  • Corrected the repo size display in the status tooltip.
• Incidents: Notify team leaders only when a valid secret is intentionally ignored.

November 4, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.125:
  • Added 4 detectors:
    • Cloudflare Tunnel Credentials
    • InfluxDB Token
    • InfluxDB Token with Host
    • Rails Master Key Assignment

Platform​

• API: All Sources endpoints now require specific scopes for access. The new sources:read scope is required for all GET endpoints to retrieve source information, while the sources:write scope is required for the PATCH endpoint to update a source's attributes, monitoring status, and business criticality.
• Settings: To improve navigation on the settings page, we’ve introduced two new dedicated sections:
  • Integrations: Organized by source and destination for easier access.
  • Secrets: Consolidates items previously found under the "Secrets Detection".

October 28, 2024​

Platform​

• ServiceNow Issue tracking integration: This new issue tracking integration allows to create ServiceNow issues from GitGuardian incidents. The feature includes the following:

  • possibility to create a ServiceNow issue directly from a GitGuardian incident;
  • possibility to automate the creation of a ServiceNow issue for any new Gitguardian incident;
  • auto-resolve setting to mark the incident as resolved in your dashboard when the issue is closed in ServiceNow.

  Follow our documentation to configure the integration.

October 21, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.124:
  • Added 1 detector:
    • BitBucket App Password
  • Modified 5 detectors:
    • Generic CLI Option Secret
    • MongoDB CLI Credentials
    • MySQL CLI Credentials
    • PostgreSQL CLI Credentials
    • Redis CLI Password

Platform​

• Check runs: GitHub's custom properties can now be leveraged to override the GitGuardian global configuration of check runs. This allows customization at both the repository and organization levels. For more details, please refer to our dedicated documentation
• Historical Scan:
  • New "Bulk Historical Scans Management" page for easy tracking, filtering, and detailed insights on all scans.
  • Simplify source management with a new filter for instances (e.g., production/staging).
• Members: You now have the option to deactivate a member instead of deleting them. For more details, refer to our documentation.

Bug fixes​

• Validity check: Fixed GitLab checker wrongly marking some secrets as valid by improving token validation (impacting custom host validity checks).
• Perimeter: Fixed inaccurate historical scanning statistics displayed on the side panel of the perimeter page.

October 17, 2024​

Secrets Detection​

• Filepath exclusion: File path exclusions are now applicable to one or more repositories. By targeting file path exclusions to specific repositories, users can significantly reduce the number of irrelevant incidents, enabling more accurate incident management. Learn more.

October 14, 2024​

Platform​

• Analytics Charts: A new page is available in the Analytics menu. This new feature is available for all business users. Analytics Charts is a powerful feature designed to help you visualize and understand your incidents over time. Whether you are a developer, security lead, or manager, Analytics Charts provides valuable tools to track progress, measure performance, and make informed decisions. Access the Analytics Charts.

October 7, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.122: Enhance recall and coverage while expanding the range of detectable secrets with new and updated detectors.
  • Added 3 detectors:
    • Atlassian Access Token
    • Bitbucket Access Token
    • Mistral AI API Key
  • Modified 1 detector:
    • Base64 Generic High Entropy Secret
• VSCode extension: We are excited to announce the release of GitGuardian CLI (ggshield) as a VS Code extension! Files are now automatically scanned upon saving, with detected secrets highlighted in your code and listed as warnings. Additionally, custom remediation messages are provided within your IDE to guide you in resolving any issues efficiently. Download from the marketplace

September 23, 2024​

Secrets Detection​

• Jira Data Center integration: Jira Data Center integration is now supported for real-time secret detection and honeytoken detection.

Platform​

• Saved views: Saved views can now be created in Honeytoken.

Bug fixes​

• Personal access token: Resolved a bug to ensure the lifetime of a newly generated personal access token is strictly less than the maximum permissible duration.

September 9, 2024​

Secrets Detection​

• Confluence Data Center integration: Confluence Data Center integration is now supported for real-time secret detection and honeytoken detection.
• Slack integration: Slack integration is now supported for scanning the full history of your public and private Slack channels to detect leaked secrets.

Platform​

• IP allowlist: Managers can now restrict access to the dashboard and API to specified IP addresses or ranges for enhanced security. This feature is available only for Business accounts. Refer to our documentation for more details.
• Historical Scan: Streamline source management with new filters for failure reasons and last scan date.

Bug fixes​

• Historical Scan: Improved handling of pending states and fixed an issue where sources were reaching the timeout limit.

August 26, 2024​

Secrets Detection​

Secrets detection engine upgrade to v2.120: Enhance recall and coverage while expanding the range of detectable secrets with updated detectors.

• Added 2 detectors:
  • Generic Password YAML
  • Buildkite API Token V2
• Modified 6 detectors:
  • Generic Database Assignment
  • Base64 Generic High Entropy Secret
  • Generic Password
  • Username Password
  • DigitalOcean Spaces Keys
  • reCAPTCHA Key

Note concerning the reCAPTCHA Key detector: Due to changes in the behavior of some Google APIs, we are no longer able to ensure the validity of reCaptcha keys. As this detector could be quite "noisy" the validity of the keys was a mandatory prerequisite in the detection flow and this can no longer be the case. We have however improved this detector to be as efficient as possible.

Bug fixes​

• Jira Cloud Issue tracking integration: Fixed an issue where the assignee dropdown in Jira template creation was incomplete for projects with a large number of assignees due to pagination limits.

August 14, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.117: Enhance recall and coverage while expanding the range of detectable secrets with new and updated detectors.
  • Added 2 detectors: Serpapi Token and Tavily API Key
  • Modified 1 detector: GitLab Token
• Validity check: Business workspaces that self-host service providers can now perform validity checks. They can specify the host against which to run a check in the configuration of separate secret detectors. For example you can perform a validity check for a GitLab token secret against your own GitLab instance. For more details, refer to our dedicated documentation.

Platform​

• GitGuardian CLI (ggshield) custom remediation message: Admins can now customize remediation messages at pre-commit, pre-push or pre-receive stages and provide to developers useful guidance on how to use internal Vaults etc ... See documentation here.
• Saved views: You can now save your most frequently used filters as views for quicker access. Learn more about about saved views here.
• Historical Scan Enhancements: These enhancements provide better visibility and management of the scanning process. They include progress estimation for both individual and bulk scans, along with comprehensive scan status details such as size, duration, start/end dates, number of commits, branches, queue duration, and more.
• Health Check: Let managers manually start health checks from the GitGuardian dashboard so they can address any failed checks immediately without waiting for the next scheduled run.
• Teams: Get simplified team management with a clear designation of team leaders. Changing "can_manage|cannot_manage team permissions" to a "team leader" boolean attribute to designate the team owner. ⚠️ The team_permissions field has been deprecated and replaced by the is_team_leader field in our API for the endpoints /v1/teams/{team_id}/team_memberships and /v1/teams/{team_id}/team_invitations.

July 29, 2024​

Secrets Detection​

• False Positive Remover v1: Our first internal machine learning model halves false positives, ensuring data security and privacy without third-party dependencies. This in-house capability is now available to all Business and Enterprise accounts.
• Remediation tracking: Enhanced the secrets remediation workflow with precise location details for code fixes and real-time tracking of remediation progress. Learn more here.

Platform​

• GitLab integration: Upon installing a new integration for GitLab Community Edition, it is now possible to skip the historical scan (to launch it manually later).

Bug fixes​

• Microsoft Teams integration: Fixed an issue impacting real-time secret detection in Microsoft Teams channels.

July 15, 2024​

Secrets Detection​

• Microsoft Teams integration: Microsoft Teams integration is now supported for real-time secret detection and honeytoken detection.

• Secrets detection engine upgrade to version 2.116: Enhance recall and coverage while expanding the range of detectable secrets with new and updated detectors.

  Added 1 detector

  • JetBrains TeamCity config value
  Modified 3 generic detectors

  • Base64 Generic High Entropy Secret
  • Base64 Generic High Entropy Secret
  • Generic Password
  Modified 78 specific detectors

  We have enhanced our approach to searching for the prefix linked to the secret, considering more complex scenarios. This allows us to improve recall.

  
  

  • Adafruit IO API Key
  • Airtable API Key v2
  • Alchemy API Key
  • Amazon MWS Token
  • Checkout.com Sandbox API Secret Key
  • CircleCI Personal Token
  • Claude API Key
  • Clojars Deploy Token
  • Cloudinary API key URL
  • Contentful Content Management API Key
  • DigitalOcean OAuth Application Token V1
  • DigitalOcean Personal Access Token V1
  • DigitalOcean Refresh Token V1
  • Discord Webhook URL
  • Docker Swarm Join Token
  • Docker Swarm Unlock Key
  • EasyPost API Key
  • Firebase Cloud Messaging API Key
  • Figma Personal Access Token
  • Flutterwave API Key
  • Frame IO Token
  • GitHub fine-grained personal access token
  • GitHub Oauth Access Token
  • GitHub Personal Access Token
  • GitHub Server-to-server Token
  • GitHub User-to-server Token
  • GitLab Token
  • Grafana Cloud API Key
  • Grafana Service Account Token
  • Groq API Key
  • Heartland API key
  • Langchain API Key
  • Linear API Key
  • Base64 Midtrans API Key
  • Notion Integration Token
  • npm Token Prefixed
  • Nylas API Key
  • OpenAI Project API Key
  • Paystack Key
  • Plaid Access Token
  • PlanetScale OAuth Token
  • Postman API Key
  • PubNub Publish Key
  • Readme API Key
  • Riot Games API Key
  • RubyGems.org API Key
  • Samsara API Key
  • SendinBlue Key v3
  • Sentry Org Auth Token
  • Sentry User Auth Token v2
  • Shippo API token
  • Shopify Generic App Token
  • Shopify Private App Token
  • Slack App Token
  • Slack Configuration Refresh Token
  • Slack Configuration Token
  • Slack User Token
  • Sourcegraph Access Token v3
  • Sourcegraph Enterprise subscription Token
  • Sourcegraph License Key Token
  • Sourcegraph Access Token v2
  • Sourcegraph User Gateway Access Token
  • Sqreen Token
  • Square Access Token
  • Stripe Webhook Secret
  • Tailscale API Key
  • Tailscale OAuth Key
  • Tailscale Pre-Authentication Key
  • Tailscale SCIM Key
  • Tailscale Webhook Key
  • Typeform API Token
  • Ubidots Token
  • Vercel Blob Token
  • WakaTime API Key
  • WePay token
  • Yandex Predictor API Key
  • Zillow Key
  • Zuplo API Key

• Incidents: When an incident is ignored with a secret still valid, an email notification is sent to the team manager(s) or to the workspace manager. N.B: this feature is available in the business plan.

• Weekly email recap: From now on, a new section is displayed in the weekly email recap displaying the number of ignored incident with a secret still valid in the last week. N.B.: this feature is available in the business plan.

SCA​

• .NET Support: Scans dependencies for C#, F#, and Visual Basic, broadening the language support.
• Improved Java Support: Transitive dependencies are now scanned in Maven, providing more comprehensive security coverage.

Platform​

• Historical Scan:
  • Skip historical scan of unchanged repositories since the last scan to save time and resources.
  • Filter and sort repositories by scan duration on the Perimeter page for better management.
  • Introduced pending_timeout status in the API to differentiate between scans failing due to timeouts (timeout) and those in the queue (pending_timeout).
• API Enhancements: User feedback on secret incidents is now accessible via the API, providing better incident management and insights. This information is included in the feedback_list field within the secret incidents' payload
• Settings: The data storage location region is now visible in your workspace settings.

Bug fixes​

• Check runs: Addition of an optional Skip action for check runs on forked repositories that detect secrets, preventing a complete blockage for developers.

June 24, 2024​

Secrets Detection​

• Incident details: Addition of a 'per page' selector on the occurrences table.

Platform​

• Members: Renamed 'role' to 'access level' for clarity.
  ⚠️ The role field has been deprecated and replaced by the access_level field in our API for the endpoints /v1/members and /v1/invitations.

June 17, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.115: Enhance recall and coverage while expanding the range of detectable secrets with new and updated detectors.
  • 4 detectors added: Sentry Org Auth Token, Sentry User Auth Token v2, Slack Configuration Refresh Token, Slack Configuration Token
  • 5 detectors updated: Equinix Authentication Token, Sentry User Auth Token v1, Signifyd API Key, Slack Bot Token, Slack User Token

Bug fixes​

• Filepath exclusion: Correct a bug that causes the * character in the exclusion pattern to match at least one character when it should match zero or more characters.

June 10, 2024​

Secrets Detection​

• Confluence Cloud integration: Confluence Cloud integration is now supported for real-time secret detection and honeytoken detection.

June 4, 2024​

Secrets Detection​

• Secrets detection engine upgrade to version 2.114: Enhance recall and coverage while expanding the range of detectable secrets with new and updated detectors.
  • 9 detectors added: ASP.NET Decryption Key, ASP.NET Validation Key, Langchain API Key, OpenAI Project API Key, OpenAI Service Account, Sourcegraph Enterprise Subscription Token, Sourcegraph License Key Token, Sourcegraph User Gateway Access Token, WakaTime API Key
  • 4 detectors updated: Sentry Token, Generic Database assignment, Generic FTP Assignment, Generic Username Password
• Incidents: Periodic secret validity checks enabled for ignored incidents. See documentation here.
• Filepath exclusions: When adding a new rule, show how many new secret incidents will be hidden by the new filepath exclusion, without recalculating existing hidden incidents.

Platform​

• GitLab integration: When a GitLab webhook is found disabled, GitGuardian now attempts to reactivate it automatically (by sending a test payload) before triggering an error message.
• Health Check: Send email notifications when a integration health check fails. For further details, refer to the Configure email preferences page. Note that the notification is not enabled by default for existing accounts and must be turned on manually.

SCA​

• Introduction of the Malicious Package detection, to make sure we protect every organization from packages designed to be harmful.
• Highlight Dependency Confusion risk on private dependencies that were not publicly registered, to help organizations lower their exposure to Dependency Confusion attacks.

May 27, 2024​

Secrets Detection​

• Incidents details: merge commit authors from GitHub are now identified. It is not retroactive.
• API: new endpoint to query the secret incidents of a source.

Bug fixes​

• API: fix a problem causing conflicting information between the UI and the API regarding team permissions.
• Historical scan: attribute automatic historical scans of new repositories to "GitGuardian Bot" in audit logs.

May 20, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.113 with the addition of 5 new detectors (Nylas API Key,Sourcegraph Access Token v3, Duplo Cloud API Key,Fernet Key, Vercel Blob Token) and the improvement of 10 detectors (Base64 Generic High Entropy Secret, Generic Database Assignment, Generic High Entropy Secret, PostgreSQL CLI Credentials, Postgres assignment attached port, PostgreSQL Pgpass Credentials, PostgreSQL URI, Sourcegraph Access Token v2, Yelp API Key, Google Gemini API Key).

Platform​

• Health Check:
  • introduce tracking for the last execution and last successful execution times.
  • implement periodic health checks to run every hour. This is a Business-only feature.

Bug fixes​

• Custom webhook: fix a bug sending notifications for deactivated secret detectors.

May 13, 2024​

Bug fixes​

• Jira Cloud Issue tracking integration: fix an issue where Jira automatic configurations remained invisible to 'member' role users within the 'All Incidents' team, ensuring uniform visibility across teams.

May 6, 2024​

Platform​

• API: the workspace_id is now included in the payload of API tokens.
• Historical scan: improve historical scan status overview on the perimeter page side bar.

Bug fixes​

• Bitbucket Data Center integration:
  • fix an issue where uninstalling a Bitbucket project inadvertently occurred when a token was removed, despite other valid tokens being present.
  • enhance logging mechanisms surrounding Bitbucket token operations for better troubleshooting.
• Check runs: display accurate error message when a check run fails due to rate limiting.

April 29, 2024​

Bug fixes​

• API: correct a bug that allowed members to view sources they should not have been able to access when using the /sources endpoint.
• Check runs: fix a bug that is causing related incident IDs to be missing in the check run summary.

April 23, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.111 with the addition of 3 new detectors (Grafana Cloud API Key, Groq API Key, Nx Cloud Token) and the improvement of 1 detector (Generic High Entropy Secret)

Platform​

• Filters: the history of AI queries can now be deleted.

Bug fixes​

• GitLab integration: when re-enabling a disabled webhook in GitLab, the error on the GitGuardian dashboard is now cleared automatically within 20 minutes.
• Filters: the "per-page" selection for each table is now persisted.

April 16, 2024​

Platform​

• Vault integration: CyberArk, a leader in privileged access management, helps secure, manage, and monitor privileged accounts and credentials. This integration leverages CyberArk to securely manage secrets and automate secret rotation, enhancing security alongside GitGuardian's leak detection capabilities. Refer to our documentation for more details.

April 15, 2024​

Secrets Detection​

• Secrets detection engine: Generic CLI Secret and Generic Database Assignment detectors are now supported and active by default for data sources other than VCS.
• Secrets detection engine: upgrade to version 2.110 with the addition of 4 new detectors (Dropbox Key, Midtrans API Key, Sanity Token, Zuplo API Key) and the improvements of 3 detectors (Artifactory Token, GoCardless API Key, Plivo Auth Tokens).

SCA​

• Add the last modification date of the dependency files to the SCA incidents along with the dedicated filter.

Bug fixes​

• GitLab integration: fix an issue where the installation status was incorrectly displaying as 'no longer monitored' in the tooltip, despite being actively monitored.

April 10, 2024​

Secrets Detection​

• Jira Cloud issue tracking integration: introduction of a new version of our Jira Cloud integration for issue tracking. It now offers
  • automatic creation of a Jira issue as soon as a new incident is triggered,
  • management of Jira custom fields,
  • and an auto-resolve feature that marks the incident as resolved in your dashboard when the issue is closed in Jira Cloud. More information available in the documentation.

April 8, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.109 with the addition of 2 new detectors (Azure Open AI API key, Kubernetes Docker Secret) and the improvement of 4 detectors (GitLab Token, Google API Key, Okta Keys, Slack Bot Token)

Honeytoken​

• Context creation strategies for honeytoken deployment jobs now allow to choose only dynamic contexts.

Platform​

• Incidents details: introduction of a secret identity card on each secret incident detail page.
• Privacy mode: this (mode) allows to obfuscate secrets and other sensitive information on the GitGuardian UI.

Bug fixes​

• Incidents: resolve a bug triggered by secret incidents detected by custom detectors, causing the incidents list to fail to load.
• Check runs:
  • improve error collection on check runs.
  • fix an issue where GitHubNotFound errors prevented the completion of check runs.

April 2, 2024​

SCA​

• Shifting left metrics available in SCA analytics to demonstrate the impact of ggshield’s use in CI.

March 25, 2024​

SCA​

• add support for PHP dependencies.
• add the EPSS score to the incidents along with its dedicated filter.

Bug fixes​

• Incidents: resolve a loading error encountered when utilizing the "occurrences count" filter.
• Audit log: correct the logs related to the creation and removal of teammates through the API.
• GitLab integration:
  • fix GitLab installation check task issue affecting system hook installations.
  • fix an issue with sending emails to users who are no longer token owners within the GitLab installation.

March 18, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.108 with the addition of 3 new detectors (Snowflake API credentials, Replicate User Access Token, Workato API Key) and the improvement of 3 detectors (Rails Master Key, Generic password, Generic High Entropy secret)
• Incidents: it is now possible to filter on Occurrences count.
• Check runs: skip actions are now aligned with the ignored reasons (false positive, test credential, low risk). Tags (Tagged as [false positive|test credential|low risk] in check runs) are added to the corresponding secret incident when this action is taken.
• API: the breakdown of secret incidents by severity is displayed in the payload of the sources.

Bug fixes​

• Bitbucket Data Center integration: improve handling of token revocation to prevent issues when a repository changes ownership.

March 11, 2024​

SCA​

• SCA: add support for PHP dependencies.

Bug fixes​

• Health Check: improve health check error messages by differentiating between SaaS and self-hosted environments and utilizing non-HTTP status-like codes.
• Incident details: fix an issue on the git patch restricted visibility feature that was preventing members from seeing the patch they were involved in based on email matching.
• Jira integration: fix an issue that was hindering the assignment on JIRA tickets upon creation.

March 4, 2024​

Platform​

• GitHub and GitHub Enterprise Server integration: the integration settings have been updated with actions to easily configure write permissions essential for Honeytoken deployment jobs. Learn more with our documentation for GitHub or GitHub Enterprise Server.
• Incidents: tags are exposed in the All occurrences CSV report.

Bug fixes​

• GitLab integration:
  • fix an issue where the GitLab instance URL was incorrectly displayed instead of the GitLab token name.
  • remove the "Check Again" button from the health check for users on the Free plan.

February 26, 2024​

Secrets Detection​

• Jira Cloud integration: Jira Cloud integration is now supported for real-time secret detection and honeytoken detection.
• Secret SLAs: add the "First detected" date in incidents details and the associated filter in the Secret incident dashboard.

February 19, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.106 with the improvement of 3 detectors (Generic Password, Generic High Entropy Secret, Base64 Generic High Entropy Secret).

Honeytoken​

• Honeytoken deployment jobs: automate the deployment of honeytokens in your code repositories from GitLab, GitHub and GitHub Enterprise Server! This is a business-only feature. Read more about Deployment jobs in our documentation.

February 13, 2024​

Platform​

• Check runs: improve causes of errors transparency and timeouts in the check run summary.

IaC​

• IaC Security: shifting left metrics available in IaC analytics to demonstrate the impact of ggshield’s use in CI.

Bug fixes​

• Bitbucket Data Center integration: correct failure message and re-check button when the Bitbucket integration stops working.
• Historical scan: fix an issue with missing audit logs for historical scans.
• GitHub integration: performance improvement when a lot of repositories are added at the same time.

February 6, 2024​

Bug fixes​

• Bitbucket integration:
  • fix an issue which revoke the access token when the project only has read permission.
  • syncing installs with a new token now correctly retains projects linked to the old token, preventing unintended deletion of all projects.

January 29, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.105 with the addition of 1 new detector (Square Token).

Platform​

• Incidents: exporting CSV secret incidents now allows changing the separator used, comma (default) or tab. More details in the Export data section of the documentation.
• Check runs: the incident status is displayed in the GitHub check run details.

January 22, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.104 with the addition of 2 new detectors (Bunny.net API Key, Hugging Face user access token) and the improvement of 4 detectors (Beamer API Key, NuGet API Key, Paypal OAuth2 Keys, Twitter Tokens).
• Secrets detection: for a better recall experience, all detectors are now activated by default on every new workspace and on existing workspaces under the Free plan. 3 detectors used to be deactivated by default: Generic Password, Username password and Base64 Generic High Entropy Secret.

Platform​

• SSO: the option 'Force SSO' applies to owners as well when enabled. More details in the Force SSO section of the documentation.
• Azure repos integration: improvement of the billing metrics. You now must check the Graph:Read scope in your Personal Access Token. More information in our VCS integrations documentation.

Bug fixes​

• GitHub integration: disable repositories are now marked as such when searching GitHub integrations.
• GitLab integration (group hooks): we now detect and notify by email and raise a healthcheck error when a GitLab group hook was disabled by GitLab, causing the monitoring not to work anymore.

January 15, 2024​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.103 with the addition of 4 new detectors (CircleCI Project Token, Claude API Key, Grafana Service Account Token With Host, Klaviyo API Key) and the improvement of 4 detectors (CircleCI Personal Token, Django Secret Key, Generic High Entropy Secret, Heroku Platform Key).

January 9, 2024​

Secrets Detection​

• Slack integration: Slack integration is now supported for real-time secret detection and honeytoken detection.
• Incident details: update of the default remediation workflow.
• Secret incidents: addition of 2 new columns (element_url, author_name) in the CSV report of secret occurrences to support other data sources.
• API: addition of hsml_hash in the payload of secret incidents. The hsml_hash is used to discover the potential public leaks of your secrets using Has My Secret Leaked.

IaC​

• IaC Security: addition of a new tag named Ignored using ggshield to highlight incidents ignored using ggshield.
• IaC Security: addition of a new playbook for auto ignoring incidents that are ignored using ggshield. This is a Business-only feature and can be deactivated.

Platform​

• Check runs: the preview of the "How to remediate" instructions in markdown is enhanced when you customize them.
• Custom detectors: improve error messages for invalid regex when requesting a custom detector.

Bug fixes​

• GitLab integration: fix an issue where revoked tokens weren't detected as such if not actively used by a configured GitLab group.
• Force SSO activation: fix an issue where authentication page “Force SSO Toggle” enabled “By default to all incident team” toggle as well.

December 11, 2023​

Secrets Detection​

• Secrets detection engine: upgrade to version 2.102 with the addition of 8 new detectors (Base64 AWS IAM Keys, Base64 AWS SES Keys, Readme API Key, Tailscale API key, Tailscale oauth key, Tailscale pre-auth key, Tailscale SCIM key, Tailscale webhook key) and the improvement of 1 detector (Vercel API Access Token).

IaC​

• IaC Security: Azure Repos integration is now supported for monitoring your IaC misconfigurations.

November 27, 2023​

Features​

• Azure Repos integration: the monitoring of your Azure Repos repositories is now done in real-time. Refer to the documentation for more details.
• Filters: a new way of filtering pages, more streamlined and intuitive.
• Jira Cloud integration: jira issues can now be created without assigning them to anyone.
• Source criticality: a new parameter at the source level to help users prioritize their Secret, SCA, and IaC incidents. Refer to the documentation for more details.
• SCA & IaC grant access: access can now be granted to Members on specific SCA and IaC incidents.
• IP allow-listing for Honeytoken: it is now possible to add IP ranges to an allow-list, ensuring events from these IPs won’t trigger the honeytokens. Learn more about IP rules.
• Secrets detection engine: upgrade to version 2.101 with the addition of 1 new detector (Airtable API Key v2) and the improvement of 4 detectors (Generic High Entropy Secret, New Relic API Service Key, GitLab Enterprise Token, GitHub App Keys).

Bug fixes​

• API: fix /secret_detectors endpoint to filter out detectors that have been administratively disabled by GitGuardian.

November 15, 2023​

Features​

• Incident details: listing of places where secrets have been publicly leaked.
• Secrets detection engine: upgrade to version 2.100 with the addition of 2 new detectors (Sourcegraph Token, Cohere API Key) and the improvement of 2 detectors (Jira Token, Atlassian Oauth2 Keys).

Bug fixes​

• GitHub integration: handling of GitHub app ownership transfer: It is now possible to change ownership without deleting the self-hosted application.
• Incidents: filtered results in CSV export: CSV export keeps the filters applied.
• GitHub integration: improvement of checkruns to support the GitHub Merge Queue feature.

October 30, 2023​

Features​

• IaC Security: introduction of a new "Source Criticality" field and filter to help prioritization of IaC incidents (for IaC beta testers only). Note that the Source Criticality must first be defined in the Perimeter page.
• Teams: users can now filter the incidents and the perimeter pages based on their teams. Managers have the flexibility to filter any team, while Members can only filter their own teams.
• Secrets detection engine: upgrade to version 2.99.1 with the addition of 2 new detectors (Google Bard, Webflow API token) and the improvement of 4 detectors (Microsoft Azure Storage Account key, SSH credentials, Generic High Entropy Secret, Generic password).

Bug fixes​

• Azure repos integration: installation status now persistently remains until completed during user navigation.
• Azure repos integration: removing a token no longer causes a crash in other installation.
• Bitbucket Data Center integration: prevents connection errors from revoking a Bitbucket token, letting instances go through maintenance without needing to re-enter their token afterwards.

October 16, 2023​

Features​

• Incident details: git patches of occurrences can now have restricted visibility to only the teams and developers involved with the occurrence, thanks to a workspace setting.
• Incident details: if the git patch of an occurrence is too large, a link to the Version Control System is displayed instead.
• API: New endpoint to retrieve secret incidents of a team.
• IaC Security: introduction of new remediation analytics accessible on the platform (for IaC beta testers only).
• ggshield: ggshield auth login flow now asks you to confirm scopes.

Bug fixes​

• Teams: fix a bug that caused incidents belonging to an unmonitored repository to still be visible to the team.

October 3, 2023​

Features​

• Historical scan: addition of some details in the status tooltip, including scan duration and number of commits and branches scanned. For failed scans, the tooltip now also displays the reason for the failure.
• API: a rate limiting is now applied. Refer to our documentation for more details.
• Secrets detection engine: upgrade to version 2.98 with the addition of four new detectors (Aiven, Infracost API Key, Rollbar API Access Token, Vercel API) and the improvement of 2 detectors (Okta Keys, Username Password).

September 28, 2023​

Features​

• Incidents: addition of the Publicly leaked tag to secret incidents that have been leaked outside of your perimeter on public GitHub. Refer to our documentation for more details.

September 21, 2023​

Features​

• Incident details: a limit of 1000 occurrences per incident is now in place.
• Onboarding: addition of links redirecting to the Get Started page in the notifications when the first scan is complete.
• Secrets detection engine: upgrade to version 2.97.
• Alerting integrations: alerting integrations are now available at team level. More information in our teams documentation.

Bug fixes​

• Check runs: fix neutral check runs being created on workspaces with check runs disabled.
• Notifications: fix Linkedin link in email footer.

September 4, 2023​

Bug fixes​

• Custom detectors: update the message when a custom detector request cannot be edited due to its current status.
• Incident details: fix a bug causing the absence of an expiration date on public share links generated by the Auto-healing playbook.
• Health check: prevent UI from crashing on unknown Health check error code.
• API: fix timeout issues on the /occurrences/secrets endpoint when using a date filter.
• SSO: fix conflict happening when signing up via SSO while having a pending invitation.

August 22, 2023​

Features​

• IaC Security: addition of a waiting list for joining the IaC beta program.
• IaC Security: introduction of monitoring and remediation IaC features on GitGuardian's platform.
• IaC Security: introduction of new ggshield pre-commit, pre-push, pre-receive and ci IaC subcommands.
• Secrets detection engine: upgrade to version 2.96 with the addition of two new detectors (Generic Terraform Variable Secret, CARTO API Access Token) and the improvement of 2 detectors (Generic Password, Base64 Basic Authentication).

August 7, 2023​

Features​

• Incidents: addition of a waiting list for the upcoming feature of secret detection in data sources other than VCS.
• Incident details: the public sharing is now a workspace setting.
• Secrets detection engine: upgrade to version 2.95 with the addition of two new detectors (Databricks Authentication Token With Hostname, Hashicorp Vault Token).

Bug fixes​

• Incidents: fix the sorting of incidents by severity when some severities are automatically set.
• Incidents: fix wrong occurrence count on incident page.
• Incidents: the tooltip displaying the sources is now displayed correctly.
• Custom webhook: fix duplicate notifications being sent when setting incident severity using a bulk action.
• API: fix invalid link in personal access token expiration email notification.

July 25, 2023​

Bug fixes​

• Custom webhook: fix notifications for when a bulk action is performed. Previously, only one notification would be sent for the first incident affected by the bulk action. However, now notifications are sent for each incident that is modified by the bulk action.

July 24, 2023​

Features​

• Incident details: the public sharing toggle has been moved to the "Grant access" modal, which has been renamed to the "Share" modal. For a more detailed explanation, please refer to our collaboration and sharing documentation.
• Incidents: add an explanation tooltip to the "Default branch" tag.
• Integrations: modification of the Integrations and Settings/Integrations pages.
• Secrets detection engine: upgrade to version 2.94 with the addition of four new detectors (Azure Active Directory API Keys, Docusign API Key, Pinecone API Key, Pinecone API Key and environment) and the improvement of two detectors (Generic Password, Coveralls Personal Token).

Bug fixes​

• Personal access tokens: personal access tokens can now be searched by name, and ordering by name now works correctly.

July 10, 2023​

Features​

• Incident details: filters have been added to the occurrences table.
• Honeytokens: addition of country flag next to the IP address in the events table.
• Honeytokens: new IP tagging feature: it is now possible to create custom rules to assign tags to honeytoken events based on their IP address. Use this to recognize events originating from known IP addresses, such as those internal to your organization. For more information, check out the documentation here.
• API: new endpoints to manage labels for honeytokens.
• Secrets detection engine: upgrade to version 2.93 with some detection improvements.

Bug fixes​

• API: fix an error preventing the creation of an invitation when the role was not specified.

Deprecation​

• Custom webhook v1: the feature has been replaced by the event-based custom webhooks. More information in the documentation here.

June 26, 2023​

Features​

• Incidents: addition of the Default branch tag to secret incidents that occurred on the default git branch of a repository.
• Secrets detection engine: upgrade to version 2.92 with the addition of two new detectors (AWS SES Keys, Forest Admin API Key) and the improvement of six detectors (Atlassian Oauth2 Keys, Contentful Content Delivery API Key, Etsy Developer Key, GitLab Token, HubSpot API Key, MS Team webhook).
• API: managers of workspaces under the Business plan can now enforce a maximum lifetime for personal access tokens generated on their workspace.

Bug fixes​

• PagerDuty Integration: title update in PagerDuty incidents to eliminate confusion regarding the number of occurrences.

June 12, 2023​

Features​

• Incident details: feedback about the incident can now be submitted in a standardized way through a form that is available on the incident's page. Refer to this page for more information on how to use this form effectively and involve your developer population during the remediation process.
• Incidents: addition of new filter to select the incidents that are publicly shared.
• Teams: team owners with the Member role can now invite brand new users to the workspace when adding teammates to their team. This is a Business-only feature and can be deactivated. For more details, please refer to this page.
• Grant access: users with Full access incident permissions can now invite brand new users to the workspace when granting access to an incident. This is a Business-only feature and can be deactivated. For more details, please refer to this page.
• Honeytoken: a new button "How to test your honeytoken" has been added to make it easier to test the trigger and alerting mechanism.
• Honeytoken: clicking on the honeytoken Publicly exposed tag now opens a modal that shows all the public commits where the honeytoken was discovered by GitGuardian.
• Honeytoken: it is now possible to filter events based on their tags (AWS internal, GitGuardian Public Monitoring IP).
• Honeytoken: it is now possible to manage labels from the Honeytoken settings page.
• Secrets detection engine: upgrade to version 2.91 with the addition of two new detectors (Tableau Personal Access Token, Yelp API key) and the improvement of two detectors (GitHub Access Token, OpenAI API Key).

Bug fixes​

• Teams: fix a bug that prevented invitees, who already had a GitGuardian workspace, from being added to the expected teams when they accepted an invitation.
• Emails: button URLs are now hardcoded to prevent a bad user experience when the button is not visible due to HTML-escaping by email providers.

May 30, 2023​

Features​

• Custom severity rules: new option to recompute severity scoring manually.
• Secrets detection engine: upgrade to version 2.90 with the addition of two new detectors (Palantir JWT, Figma Personal Access Token) and the improvement of one detector (LDAP credentials).
• Honeytoken: “Created at” column has been added to the honeytoken list, and it is now possible to sort on this property.
• Honeytoken: honeytokens can now be searched by ID.
• Honeytoken: an email notification is sent when a honeytoken is found to be publicly exposed.
• API: labels are added to honeytoken endpoints.

Bug fixes​

• ggshield: fix a redirection issue upon usage of ggshield auth login.

May 15, 2023​

Features​

• Custom severity rules: the severity ruleset used by the automated severity scoring is now customizable to maximize the coverage of automatically scored incidents.
• Automated severity scoring: automated severity scoring is now activated by default for all workspaces under the Free plan.

Bug Fixes​

• Authentication: fix broken email confirmation link when registering with email and password.
• User signup: fix user signup email verification link.

May 2, 2023​

Features​

• Automated severity scoring: automated severity scoring is now activated by default for new workspaces.
• API: secret detectors are now exposed in the API
• Secrets detection engine: upgrade to version 2.89 with the addition of five new detectors: Azure Cosmos DB Credentials, Redis Server Password, DigitalOcean Refresh Token, DigitalOcean OAuth Application Token and DigitalOcean Personal Access Token.

Bug fixes​

• Custom severity rule: fix wrong timeline when setting a manual severity to an incident having only an automatic severity.
• Grant access: copy-pasting now works correctly.

April 17, 2023​

Features​

• Incidents: filepaths can now be searched in the free text search of the secret incidents table.
• Secrets detection engine: upgrade to version 2.88 with the addition of two new detectors: Cloudinary API keys and MongoDB Atlas Keys.

Bug fixes​

• Incidents: performance for loading secret incidents has been improved for workspaces with a large number of incidents.
• Loader: fix loader size in incident and Perimeter pages.
• API: comment field is now required on incident note creation endpoint.

April 11, 2023​

Feature​

• Honeytoken: introduction of new Honeytoken icon in the sidebar: module is coming soon! Join the waitlist to be notified when it becomes available.

April 3, 2023​

Features​

• Custom remediation workflow: remediation workflow is now 100% customizable thanks to the deletion of the last static step.
• Secrets detection engine: upgrade to version 2.87 with the addition of a new detector (Keycloak Api Keys).
• API: new endpoints are added for API tokens management (personal access tokens and service accounts).
• API: new fields resolver_id and ignorer_id are available into the secret incident payload.

Bug fixes​

• VCS Integrations: Bitbucket instances can be deleted even if the account is no longer in the Business plan.
• Detectors list: when the validity checks are disabled, the detectors are sorted by status.
• Notifications: fix empty emails being sent after an occurrence was found during real time scan.
• Personal access tokens: Restricted users now only see the scan scope in the personal access token form.

March 20, 2023​

Bug fixes​

• Jira integration: Jira ticket creation CTAs are hidden for workspaces without a single Jira site installed.
• Jira integration: fix permission issues by disabling the configure button for users without a Manager role and allowing users with the Restricted role and can edit permissions to create a Jira ticket.

March 6, 2023​

Features​

• Subscription: New and existing users can subscribe to a Business plan via the AWS Marketplace.

Bug fixes​

• Members: fix invitation link for new members.

February 20, 2023​

Bug fixes​

• ggshield: ggshield auth login flow now expires after 5 minutes.
• Incidents: performances when filtering incidents on a detector are improved.
• VCS integrations: fix broken links to documentation.

February 15, 2023​

Features​

• Automated severity scoring: incident severity can now be scored and assigned automatically.

February 6, 2023​

Features​

• Azure Repos: addition of a loader and notifications when an organization is being installed.
• API: add filters to multiple endpoints

Bug fixes​

• GitHub: fix the integration of a GitHub installation with a large number of repositories.
• Incidents: fix performance issue when filtering on detectors.
• GitHub: fix check-runs running forever by enforcing a timeout.

January 23, 2023​

Features​

• Alerting integration: introduction of the new Jira integration. More information available in the documentation.
• API: Specify missing scopes in error message when the API token being used doesn't include the appropriate scopes.

January 10, 2023​

Features​

• Azure Repos: Azure Repos integration is now available. You can scan your Azure Repos repositories for secrets detection.

January 9, 2023​

Features​

• IaC: add analytics page to monitor IaC scanning usage (beta).
• Perimeter: improve display of the historical scan's last status information.

Bug fixes​

• Members: Restricted users can now be promoted without requiring to add them in a team.

December 21, 2022​

Features​

• Custom Remediation Workflow: Remediation workflow can now be customized in the settings.

December 15, 2022​

Features​

• VCS integrations: workspaces with less than 25 contributing developers can now monitor their private collaborative repositories for free.
• SSO: SSO configuration is enabled for all plans (free and business).

December 13, 2022​

Features​

• Custom webhook: addition of the new event-based custom webhook integration.
• Teams: addition of a description field for your teams.
• Teams: the "all-incidents" team is now visible in the members table.

Bug fixes​

• SSO: fix "sign in" redirection for SSO connection.

November 28, 2022​

Features​

• API: expose external_id representing the VCS id of a source in API source payload.
• Historical scan: increase the maximum size of the historical scan from 1GB to 12GB for Business workspaces.

Bug fixes​

• Historical scan: reduce errors during scans of large repositories.
• Members: fix the sorting when navigating through pages.

November 15, 2022​

Features​

• Historical scan: new email template for historical scan report.

Bug fixes​

• GitLab integration: handle timeout errors when setting up a new instance.
• Playbooks: fix incorrect default permission can view applied with auto-access playbook instead of correct can edit.
• Filepath exclusions: ignore hidden occurrences in the auto-access playbook and notifications.
• Custom webhooks: fix incorrect event names.

November 3, 2022​

Features​

• Azure Repos: introducing Azure Repos integration. This feature is available in beta upon request.
• Custom webhooks: update the action field with more user-friendly messages.
• Perimeter page: update the information displayed in the Protection section.
• Analytics: addition of all the ggshield modes to the Analytics section.

Bug fixes​

• Check runs: when deactivating a check run, finish the processing if it was already in progress.
• Custom webhook: remove matches from webhooks' new occurrence.

October 17, 2022​

Features​

• Teams: introducing team management within a workspace and granular incident permissions (can view, can edit, full access) for business workspaces.
• Playbooks: new Auto-resolution playbook to automatically close incidents that have once been valid and that become invalid.
• Share link: prevent valid secrets from being "marked as revoked" in the public sharing page of a secret incident.

Bug fixes​

• GitHub: fix display latency observed for big GitHub organizations.
• Settings: fix start trial links not redirecting to correct page.

October 3, 2022​

Features​

• Incidents: selection is maintained after a bulk action.
• API: add an ordering filter on the /incidents/secrets list endpoint.

September 21, 2022​

Bug fixes​

• Custom webhook: Fix assign action that was replaced by reassign.
• Incidents: Provide a more user-friendly error message when a bulk action can't be applied to the selected incidents.

September 8, 2022​

Features​

• Custom webhook: New Member payload for the Grant/Remove access action.
• Members: Notification is sent to users who are removed from a Workspace.

Bug fixes​

• Custom webhook: Remove the resolve_reason field from all payloads.

August 22, 2022​

Features​

• API: enrich Members section with retrieve and delete endpoints.

Bug fixes​

• Incident details: Searching GitHub pull requests associated with an issue can be performed on a specific #ID and repository name.
• GitHub: do not display "scan integrated repositories" modal if autoscan is on.

August 9, 2022​

Features​

• API: handle invitations on grant/revoke access endpoints.
• API: addition of a filter by role and a search on name and email for the /members endpoint.

Bug fixes​

• Incident: secrets with validity status "failed to check" are no longer checked automatically after they have been marked as resolved.
• Incident: the button to manually check the presence in git history remains when the incident is closed.
• Incidents: Fix icon for the 'info' severity badge.

July 27, 2022​

Features​

• GDPR: closing the banner now automatically rejects the consent and the consent is stored for 6 months.
• Incidents: include unaffected count for bulk actions.
• API: add filters to the audit log list endpoint.

Bug fixes​

• Custom webhooks: fix the webhook event based signature.
• GitLab integration: allow gitlab installation deletion when your business trial expired.
• GitLab integration: keep unmonitored projects unmonitored.
• API: API respects the validity checks setting ON/OFF.

July 11, 2022​

Features​

• API: add an endpoint to fetch the audit logs. API key needs to have the new audit_logs:read scope to query the endpoint.
• API: tags are exposed in the incidents endpoint.
• CSV: tags are exposed in the csv report of secrets incidents.
• Perimeter: the repository name is now a link to the incidents list filtered on this repository. The link to the VCS is also available as a popup icon.

Bug fixes​

• Perimeter: fix bug preventing Members to launch historical scans.

Deprecation​

• API: deprecated issue_id in favor of incident_id on incident note management endpoints.

June 27, 2022​

Features​

• Alerting: the custom webhook alerting is now event-based. More information in the dedicated documentation.
• API: the /occurrences endpoint can be filtered by author_name and author_info.

Bug fixes​

• Detectors: activating and deactivating detectors is now forbidden for Members.

June 14, 2022​

Features​

• Members: invitations can be resent through the dashboard.
• API: add endpoints to manage invitations. API key needs to have the new members:write scope to query those endpoints.
• API: add endpoint to set severity of a secret incident.

Bug fixes​

• Service account: fix a permission error allowing all roles to modify service accounts.
• GitHub: fix re-run action of old check runs to show an explicit error.

June 1, 2022​

Features​

• ggshield: setting up ggshield is made easy with the new ggshield auth login command. More information in the dedicated documentation.
• Grant access: notify Restricted users by email when they are granted access to an incident.
• Members: notify users by email when their role is updated.
• CSV: add status, ignore_reason and status_revoked columns to the CSV export of secret incidents.
• CSV: add occurrence_id column to CSV export of occurrences.
• CSV: return the dates in isoformat.

Bug fixes​

• GitLab: adding a GitLab project that had been deleted now correctly set it as monitored.
• Analytics: pre-receive mode is displayed correctly in the shift-left panel.

Deprecation​

• ggshield:: since v1.12 of ggshield, ggshield scan and ggshield ignore commands are deprecated, use ggshield secret scan and ggshield secret ignore instead.

May 17, 2022​

Features​

• GitHub: expose base/head branch of GitHub pull requests.
• Incident: mark the third remediation step "rewrite git history" as optional.

Bug fixes​

• GitHub: explicitly neutralize old check runs that are re-run.
• GitHub: users with an email address that has a reserved email domain can no longer register via GitHub SSO, but they can still log in if SSO is not forced.
• Incident: fix grant access modal broken when too many Restricted users.

May 2, 2022​

Features​

• API: move the Personal access tokens to the API section.
• Check runs: improve success message in GitHub UI.

April 19, 2022​

Features​

• API documentation: the organization of the API documentation has been reworked for better readability.

Bug fixes​

• Grant Access: Members in Business workspaces can give access to restricted users but can’t invite new users by typing email addresses.
• Incident details: timestamp of last presence check is updated synchronously upon manual check.
• CSV Export: disable timeouts.
• Incidents: improve performance on the incidents table.
• Detector: improve performance of table of detectors for workspaces with many incidents.

April 4, 2022​

Features​

• Incidents list: display repository state (unmonitored or deleted) on incidents list and incident detail pages.
• API: adapt API to be compatible with personal access tokens.
• Personal access tokens: Managers can monitor the Personal access tokens created on the workspace in the API section.

Bug fixes​

• Incident detail: prevent users with role Restricted from sharing externally the incident
• Historical Scan: fix a bug leading to automatic historical scans being stuck in “Pending” state
• Bitbucket Data Center: Deleting a Bitbucket integration deletes the webhook created on the Bitbucket instance.

March 23, 2022​

Features​

• API: introduction of a new type of API keys: the Personal Access Tokens.
• Audit Log: add audit log for “Service Account”.
• API: new endpoint to list workspace members having access to an incident.
• API: New pages are now available in the API section: Quota, Service Account and Secrets detection playground.

Bug fixes​

• Check runs: Enforce the 65K characters limit on check run templates.
• SSO: Fix small Okta logo and missing sso name.
• Secret detectors: Fix the display of detector logos being sometimes too small.
• GitLab: Disallow group hook integration on namespaces that are not in the GitLab premium plan.

March 7, 2022​

Features​

• Bitbucket integration Bitbucket repositories can now be scanned automatically upon their integration.

Bug fixes​

• Filepath exclusion: improve performances on the filepath suggestions

February 21, 2022​

Features​

• API: new endpoint and scope to list members of a workspace
• API: new fields exported in the Source payload: health, last_scan, open_incidents_count and closed_incidents_count
• API: add option to filter sources by health and last scan status
• Grant access: ability to invite new Restricted users directly from an incident.
• GitLab: GitLab repositories can now be scanned automatically upon their integration.

February 9, 2022​

Features​

• Perimeter: add filtering capability on last scan status.
• Detectors: addition of the number of secret incidents for each detector in the table of detectors.
• Custom detectors: add questions in Additional notes placeholder
• Custom detectors: Business plan users can now extend GitGuardian's secrets detection engine to support secrets specific to their organization.
• GitHub check runs: GitGuardian incidents and GitHub check runs are now linked.

Bug fixes​

• RBAC: Auto-healing playbook is no longer case sensitive for email matching

January 24, 2022​

Features​

• Members: added filtering and sorting on the members and invitations tables.
• Detectors: display detector type (generic/specific) in the table.
• Incidents list: enable bulk actions for Restricted users
• GitHub: handle Organization renamed event
• Filepath exclusions: actions on filepath exclusion are now added to activity logs

Bug fixes​

• Incident detail: fix horizontal scroll for very long lines in git patch
• Analytics: fix bug when switching the aggregate (day/week) in the analytics.

January 17, 2022​

Features​

• Integrations: sort sources alphabetically by default.
• Incident detail: improve the right sidebar scrolling behavior.

Bug fixes​

• GitHub SSO: users can link their existing GIM account through the GitHub SSO, unlocking the authentication flow without a configured password.
• Validity check: fix bug that could make the validity check less frequent than expected.
• Presence check: fix bug that could make the presence check less frequent than expected.

December 17, 2021​

Features​

• API: add the ability to create, update and delete incident notes.

Bug fixes​

• Bitbucket Data Center: fix the loader and empty states during various installation steps.

November 30, 2021​

Features​

• Settings: add the Regression setting. Managers can decide whether a new occurrence of a previously resolved incident reopens it.

Bug fixes​

• Incident detail: improve performance of issue detail pages when there are a lot of occurrences by paginating them.
• Analytics: Display deleted sources in the "Top 5 sources" panel.
• API: Return a valid JSON when maintenance mode is active.

November 14, 2021​

Features​

• API added secret validity information.
• API: new scope incident::share.
• API: add new endpoints for grant access and revoke access actions.
• Custom webhook: added validity and severity to payload.

Bug fixes​

• Analytics: fix the links to the incident list filtered by detectors.
• Historical scan: handle merge commits during historical scan.
• Incident details: fix the git patch component not highlighting secrets properly when there was a context before the first hunk header.

November 3, 2021​

Features​

• GitHub: GitHub repositories can now be scanned automatically upon their integration.
• GitHub check runs post a comment in pull request timeline upon detection of a secret.
• Integration add links to the Version Control System for each repository.
• GitLab implement the token edition token for group hook integration.
• Historical scanning implement bulk scan cancellation.
• Audit log ability to search audit logs by incident ids and event name.

Bug fixes​

• Incidents fix activity logs of incidents ignored via API.
• Navigation fix backward navigation broken when visiting a page with existing filters persisted in the URL query params.
• Analytics fix the "count of secrets per 1000 commits" stat that included secrets for historical scans.

October 18, 2021​

Features​

• GitHub automatic scan of new repos added on GitHub.
• API added severity information in incident payload.

October 13, 2021​

Features​

• RBAC introduction of the Restricted role and the Auto-access granting playbook.
• API new endpoint for the ability to share and unshare an incident.
• Footer add footer with detection engine and status page.
• Detectors add links to documentation for each detector.
• GitLab handle GitLab.com integration with multiple GitLab groups.
• Audit log add audit log for check runs setting.

Bug fixes​

• Validity check backpopulate the uncheckability of old Google keys.
• Settings fix Members table pagination reset on change.

September 20, 2021​

Features​

• Incidents: introduction of validity checks for secret incidents. Ability to trigger the validity check manually.
• Presence check add presence information to incidents in the CSV report and the API occurrence payload.
• GitHub delete installation dangling for more than 6 months.

Bug fixes​

• Incidents increase source filter limit to 500.
• Incidents fix a performance issue when filtering by presence.
• Perimeter fix related incidents count not updated after incident update.

September 7, 2021​

Features​

• Incidents: introduction of presence checks for secret occurrences. Ability to trigger the presence check manually.
• API: new search and filtering capabilities

Bug fixes​

• Historical scan: Fix pending scans running forever.

August 11, 2021​

Features​

• GitHub Checkruns allow customization of message and final status (fail or neutral).
• Integrations possibility of integrating several GitHub Enterprise Server instances.
• Historical scan Business workspaces now have a dedicated queue for historical scanning.
• Incidents handle Bitbucket repositories in search filters.

Bug fixes​

• Authentication email authentication is no longer case sensitive.
• Filtering filtering and ordering of tables are now kept throughout the app.
• Incidents quick actions are now propagated immediately.

July 27, 2021​

Features​

• Incidents Increase source filter search results limit from 10 to 100.
• GitHub regularly check that the GitHub App still exists.
• Share incident adding TTL (Time To Live) to the share link.
• Integrations add docker integration.

Bug fixes​

• Historical scan fix a race condition in incident creation.
• Historical scan fix an error where the scan loader remained after the scan finished (or failed).
• Analytics fix a page crash when a member to display was deleted.

July 13, 2021​

Features​

• API introduction of data management scopes for API keys
• GitHub allow users with a linked GitHub account to link a dangling installation to their workspace. It also works from unauthenticated users installing the GitHub App directly from GitHub.
• Onboarding implementation of an onboarding todo list to guide users in their first steps on the application

Bug fixes​

• Incidents correctly display incidents closed via the API or by an external developer via a share link.
• Detectors fix a performance issue when changing a secret detector status in the settings.
• GitHub fetch GitHub content between 100kB and 1MB when the patch is not returned by GitHub.

June 30, 2021​

Features​

• Analytics add panel to visualize your shift left efforts.
• CI/CD integrations add an instruction page on how to configure ggshield with each CI/CD tool.
• API API now respects the 20MB limit.

Bug fixes​

• GitLab clean up orphaned webhooks on the GitLab side when installing a new integration.

June 14, 2021​

Features​

• Incidents: introduction of severity for incidents. Triaging your incident becomes easier.
• Filepath exclusion suggestion of filepath to exclude based on workspace incidents
• API implement incidents list and sources list endpoints.

Bug fixes​

• SSO when force SSO is active, redirect to the SSO login page from the GitHub SSO flow.

May 26, 2021​

Features​

• Filepath exclusion add ability to configure filepath to exclude filepaths from monitoring. You can also test a filepath against your exclusion list.
• Settings users can customize their email notification for each of their workspaces.
• Incidents show assignee for closed incidents and ability to filter on assignee.
• Incidents add quick actions to resolve/ignore/reopen/assign directly in the incidents table row.
• Incidents add the bulk action “add note”.
• Incident detail update "how to remediate" section with detailed indications and blog links
• Perimeter add link to incidents page for closed incidents.
• CI/CD add drone.io and Azure pipelines.

May 5, 2021​

Features​

• Playbook introduction of "Auto-healing" playbook. Developers involved in a secret incident can now automatically receive an incident's share link.
• Incidents add a filter for developer feedback and icons indicating feedback status in the incidents table.
• Share link add resolve/ignore actions to the share page.
• Detectors deprecated detectors now appear disabled in the settings.
• Incidents CSV report now respects the secret incidents table filters and search.

Bug fixes​

• Incidents show number of open incidents in the inactive tab headers.
• Incident detail fix detector logo not displayed on incident detail page.
• Incidents fix bug not updating incidents list when navigating back from incident detail page after having updated it.

April 19, 2021​

Features​

• Share link ability for a developer to give feedback from the share page of an incident. Feedback is displayed on the incident detail page.
• Integrations display ggshield integrations (git hook, CI/CD …) on the integrations pages.
• Alerting integrations add Pagerduty, Discord and Splunk integrations in the app.
• Historical scan add ability to cancel a running historical scan.

Bug fixes​

• Authentication fix the 404 on some authentication pages.
• Audit fix a bug that could allow users to have their audit logs created without their IP address.

April 6, 2021​

Features​

• Analytics introduction of the Analytics section. This new section provides insight into the evolution of your workspace metrics helping you monitor your security posture over time.
• Incident detail ability to share an incident externally. Security teams can give visibility to developers, involved in the incident, but who are not authenticated on the workspace.
• GitLab display in-app warning when an integration is no longer monitored.
• Bitbucket Data Center display in-app warning when an integration is no longer monitored.

Bug fixes​

• Analytics fix incidents coming from an historical scan not taken into account in Analytics.

March 9, 2021​

Features​

• Bitbucket Data Center Bitbucket integration is now available. You can monitor your Bitbucket repositories for secrets detection.
• Audit log introduction of an Audit log section in the settings. As the Owner or Managers of your GitGuardian workspace, get a centralized view of all the user activity that took place on your workspace.
• GitLab improve the settings perimeter of namespaces/projects. Display the number of monitored projects per namespace and display the number of pending changes while changing the monitoring states. Lazy loads the projects only when a namespace is open.

Bug fixes​

• Historical scan do not send email when all scans of a bulk scan fail.

February 22, 2021​

Features​

• Incidents introduction of bulk actions. While we highly encourage you to examine an incident closely before closing it, you can now perform bulk actions (such as resolve, ignore, assign) to quickly change the status of multiple incidents.
• Incident detail implement navigation through matches in the git patch of a secret incident.
• Historical scan add a new failed reason: "timed out".
• Perimeter add a banner to remind users of missing integrations and unscanned repositories.

Bug fixes​

• CSV implement streaming download for long term performance fix.

February 8, 2021​

Features​

• Settings ability to transfer workspace ownership.
• Incidents add a loading visual upon table page change.

Bug fixes​

• Alerting integrations do not send notifications for deactivated detectors.

January 25, 2021​

Features​

• Incidents introduction of "sensitive file" and "test file" tags. "Sensitive file" tag indicates that one of the occurrences of the incident happened on a potential sensitive file. "Test file" tag indicates that one of the occurrences of the incident happened on a potential test file.
• Members introduction of Viewer role. A Viewer has access to all the incidents of your workspace. However, a Viewer cannot take actions such as resolving or ignoring an incident.

January 11, 2021​

Features​

• Alerting integrations add a setting for alerting frequency. An incident may contain several occurrences. Therefore, you can pick if your Slack or custom webhook notifications fire only when a new incident is triggered (at the first occurrence) or at all occurrences of every incident.
• GitLab add a configuration page for system hook integration, and improve group hook one.
• GitLab allow integration of multiple GitLab instances on a workspace.
• Security strengthen password policy.

Bug fixes​

• Incidents fix regression breaking timeline logs order.
• Incident fix bug allowing several logs for an action (resolve/ignore) on an incident.