November 2024

Welcome to the November 2024 release notes! This month, GitGuardian introduces several key updates, including enhanced security through new secrets detection capabilities, API improvements, and an updated settings navigation. Here’s what’s new:

• Enhanced Secrets Detection: New detectors for popular services like Cloudflare and InfluxDB.
• API Upgrades: New endpoints to improve source attribute management.
• Streamlined Settings: Improved organization on the settings page for easier navigation.

Read on for a detailed look at the latest features and improvements.

November 18, 2024

  Secrets Detection

• Secrets detection engine upgrade to version 2.126.0:
  • Added 4 detectors:
    • X-API-Key Secret
    • Azure Functions App Key Header
    • Azure Functions App Key Query Parameter

  Platform

• API: A new parameter, send_email: true|false, is now available on endpoints that trigger an email notification, such as when an invitation is created. This allows you to determine whether an email should be sent when using these endpoints. By default, if the parameter is not specified, the email will be sent.
• Health Check: Distribute health checks over time rather than executing them simultaneously. This reduces system load, avoids bottlenecks, and enhances monitoring accuracy.
• GitLab integration: Give the ability to configure an instance-level GitLab integration using a read-only admin token. However, since the token lacks permissions for creating system hooks, manual setup is required. Learn more.

  Fixes

• Historical Scans:
  • Fixed UI count on the perimeter page so that "sources successful" now shows the total count of monitored sources, regardless of failed or unscanned sources.
  • Standardized the date format for start and end dates in the status tooltip.
  • Corrected the repo size display in the status tooltip.
• Incidents: Notify team leaders only when a valid secret is intentionally ignored.

November 4, 2024

  Secrets Detection

• Secrets detection engine upgrade to version 2.125.0:
  • New detectors:
    • Cloudflare Tunnel Credentials: Detects credentials used to access and manage Cloudflare Tunnels, enhancing security for services hosted through Cloudflare. Learn more
    • InfluxDB Token: Identifies InfluxDB tokens used to authenticate API requests to InfluxDB instances, ensuring secure database interactions. Learn more
    • InfluxDB Token with Host: Detects InfluxDB tokens configured with specific hosts, offering greater precision in securing database access. Learn more
    • Rails Master Key Assignment: Recognizes Rails master keys assigned within code, helping to prevent unauthorized access to encrypted Rails credentials. Learn more

  Platform

• API: A new endpoint has been introduced to programmatically update a source's attributes, monitoring status, and business criticality. Accessible with sources:write scope.
• Settings: Improved navigation on the settings page with new sections for Integrations and Secrets.