Skip to main content

4 posts tagged with "confluence"

View All Tags

Generic Detectors landing on your non-VCS sources, powered by the False Positive Remover

calendar icon   Release Date: July 8, 2026

Generic detection on non-code sources thumbnail

Until now, a generic password or high-entropy secret hardcoded in a Jira ticket, a Confluence page, or a Slack message went undetected. GitGuardian now runs Generic Password and Generic High Entropy Secret detection on your non-code sources (Confluence, Jira, Slack, Microsoft Teams, and others). This is one of the most requested improvements from teams who already monitor their code with GitGuardian and want the same coverage everywhere.

What does this mean for you?

  • Instant visibility: findings from your non-code sources that were previously hidden now appear in your dashboard, already flagged as false positives where it applies.
  • Real-time coverage: any new content scanned from Confluence, Jira, Slack, Microsoft Teams, and other non-code sources immediately benefits from generic detection and false positive filtering.

Why is this important?

Generic detection now gives your non-code sources the same coverage you already rely on for your code. To keep that coverage high-signal, the False Positive Remover runs on every finding. It already filters your VCS findings, and we have extended it to non-code sources with an LLM-based model. In our benchmark, it identified 25 to 40% of generic findings as false positives and tagged them before they reached the dashboard.

The result: broader coverage, high signal.

Get Started Today!

Generic detection on non-code sources is enabled by default for Business accounts with AI features enabled. No action is required. To review or change your AI configuration, see AI settings.

Learn more about the False Positive Remover

Enhancements

  • Jira Notifier: Added remediation guidance content and detector-specific links as assignable metadata fields in the Jira integration ticket description template.

Fixes

  • Notifications: Fixed an issue where Discord webhook integrations failed to trigger on incident alerts.
  • Incidents Dashboard: Fixed a display and filtering issue with the False Positive tag that caused it to behave incorrectly in the UI.
  • Perimeter Management: Fixed an issue where toggling the Team Perimeter view between tree and list modes incorrectly marked the selection as modified.
  • NHI Inventory: Fixed a data inconsistency where the "files requiring code fix" count could differ between the UI and API responses.

Attachment scanning now covers all Jira and Confluence variants!

calendar icon   Release Date: April 27, 2026

Jira and Confluence

We're excited to announce that file attachment scanning is now supported for Jira Cloud, Jira Data Center, Confluence Cloud, and Confluence Data Center.

You can now detect secrets in both textual content and uploaded files, giving you full coverage across your Atlassian sources.

Why this matters

Security-relevant content is frequently shared as screenshots, exported logs, reports, and documents attached to tickets or wiki pages. By scanning both attachments and page or issue content, GitGuardian helps you reduce missed exposures and improve remediation coverage across your Atlassian environment.

  • Complete source coverage: Detect leaks in issue/page content and file attachments.
  • Fewer blind spots: Catch secrets hidden in uploaded logs, reports, screenshots, and documents.
  • Consistent experience: Atlassian attachment coverage now aligns with existing support in Microsoft Teams, Slack and other Corporate Data Sources.

Already using Jira or Confluence sources? Here's what you need to know:

  • New scopes required: Attachment scanning rely on additional API scopes for Jira and Confluence Cloud (read:attachment:jira on Jira Cloud and readonly:content.attachment:confluence on Confluence Cloud). Reinstall each affected integration from Settings → Integrations → Sources so new OAuth applications include the new permissions.
  • Run Full Historical Scan: To avoid any blindspot, we strongly recommend you re-execute the entire historical scans from your Confluence and Jira sources. This will ensure GitGuardian scans all attachments from the past.

Get started today

Check the updated documentation:

--

Enhancements

  • Public API: Removed the deprecated Honeytoken Labels API endpoints. Customers using custom tags should now use the Custom Tags API instead.
  • Jira Notification: Jira templates now flag unsupported required fields at configuration time, preventing configurations from being saved with fields that would fail at send time.
  • GitHub Check runs: Improved reliability of GitHub PR checks during partial outages for workspaces using GitGuardian Bridge.

Historical Scanning now available for Confluence Data Center

calendar icon   Release Date: June 30, 2025

Confluence DC Historical Scan Thumbnail

We’re excited to announce a significant enhancement to our secret detection capabilities for Confluence Data Center: historical scanning is now available!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

  • Identify and remediate old, forgotten leaks that may still pose a security risk.
  • Reach a comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
  • Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our Confluence Data Center documentation to see how to use this feature now!


Enhancements

  • Jira Data Center Integration: Enhanced Jira Data Center incident creation to include leaker email addresses for historical comments occurrences.

Fixes

  • GitHub Integration: Fixed an issue where dangling GitHub installations were being unnecessarily checked when no installations were present.

Historical Scanning now available for Jira and Confluence Cloud sources.

calendar icon   Release Date: April 29, 2025

Jira Confluence historical scan Thumbnail

We’re excited to announce a significant enhancement to our secret detection capabilities for Jira and Confluence Cloud: historical scanning is now available!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

  • Identify and remediate old, forgotten leaks that may still pose a security risk.
  • Reach a comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
  • Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our documentation to enable the feature now:


Enhancements

  • API: Introduced a new endpoint GET to the Public API, allowing users to retrieve invitation details.

Fixes

  • ServiceNow Integration: Redirects to the proper URL when checking hardcoded secrets in ServiceNow sources.