Release Date: April 27, 2026

We're excited to announce that file attachment scanning is now supported for Jira Cloud, Jira Data Center, Confluence Cloud, and Confluence Data Center.

You can now detect secrets in both textual content and uploaded files, giving you full coverage across your Atlassian sources.

Why this matters

Security-relevant content is frequently shared as screenshots, exported logs, reports, and documents attached to tickets or wiki pages. By scanning both attachments and page or issue content, GitGuardian helps you reduce missed exposures and improve remediation coverage across your Atlassian environment.

• Complete source coverage: Detect leaks in issue/page content and file attachments.
• Fewer blind spots: Catch secrets hidden in uploaded logs, reports, screenshots, and documents.
• Consistent experience: Atlassian attachment coverage now aligns with existing support in Microsoft Teams, Slack and other Corporate Data Sources.

Already using Jira or Confluence sources? Here's what you need to know:

• New scopes required: Attachment scanning rely on additional API scopes for Jira and Confluence Cloud (read:attachment:jira on Jira Cloud and readonly:content.attachment:confluence on Confluence Cloud). Reinstall each affected integration from Settings → Integrations → Sources so new OAuth applications include the new permissions.
• Run Full Historical Scan: To avoid any blindspot, we strongly recommend you re-execute the entire historical scans from your Confluence and Jira sources. This will ensure GitGuardian scans all attachments from the past.

Get started today

Check the updated documentation:

• Integrate Jira Cloud
• Integrate Jira Data Center
• Integrate Confluence Cloud
• Integrate Confluence Data Center

--

Enhancements​

• Public API: Removed the deprecated Honeytoken Labels API endpoints. Customers using custom tags should now use the Custom Tags API instead.
• Jira Notification: Jira templates now flag unsupported required fields at configuration time, preventing configurations from being saved with fields that would fail at send time.
• GitHub Check runs: Improved reliability of GitHub PR checks during partial outages for workspaces using GitGuardian Bridge.

  Release Date: June 30, 2025

We’re excited to announce a significant enhancement to our secret detection capabilities for Confluence Data Center: historical scanning is now available!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

• Identify and remediate old, forgotten leaks that may still pose a security risk.
• Reach a comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
• Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our Confluence Data Center documentation to see how to use this feature now!

---

Enhancements​

• Jira Data Center Integration: Enhanced Jira Data Center incident creation to include leaker email addresses for historical comments occurrences.

Fixes​

• GitHub Integration: Fixed an issue where dangling GitHub installations were being unnecessarily checked when no installations were present.

  Release Date: April 29, 2025

We’re excited to announce a significant enhancement to our secret detection capabilities for Jira and Confluence Cloud: historical scanning is now available!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

• Identify and remediate old, forgotten leaks that may still pose a security risk.
• Reach a comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
• Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our documentation to enable the feature now:

• Jira Cloud
• Confluence Cloud

---

Enhancements​

• API: Introduced a new endpoint GET to the Public API, allowing users to retrieve invitation details.

Fixes​

• ServiceNow Integration: Redirects to the proper URL when checking hardcoded secrets in ServiceNow sources.