Skip to main content

3 posts tagged with "public-monitoring"

View All Tags

“Explore” and find more company-related secrets!

calendar icon   Release Date: September 26, 2025

Explore Thumbnail

Public Monitoring's new Explore feature enables you to proactively discover secrets related to your organization that may have been leaked beyond your defined perimeter. This powerful enhancement helps you find exposures in public GitHub repositories that the perimeter-based monitoring might miss.

Explore is available exclusively for Public Monitoring customers. Contact us for availability and pricing information.

How it works:

  • Company-focused search: Use targeted queries to find commits containing your domains, service names, or internal system references
  • Secret detection: Scan search results using GitGuardian's detection engine
  • Incident creation: Convert discovered secrets into public secret incidents
  • Automated monitoring: Schedule searches for your organizational assets with automatic incident creation

Why it matters: Your secrets can leak outside your direct control - in personal repositories, contractor projects, or third-party integrations. Explore helps you discover these organizational exposures by searching for your company's specific digital footprint: domains, email patterns, service names, and infrastructure references.

Get started today: Public Monitoring customers can navigate to Public Monitoring > Explore and use the built-in search tailored for organizational security monitoring.

Learn more on Explore.


Enhancements

  • Public Monitoring perimeter: Added CSV export functionality to download the list of developers.
  • Secret detail: Base64 Basic Authentication token incidents now show the decoded username and password in the secret information.
  • New Ignore reason: Added "Invalid Secret" as a reason when ignoring incidents where the secret was already invalid at detection time and requires no remediation.

Public Monitoring API endpoints now available

calendar icon   Release Date: August 1, 2025

Incident Playbook Thumbnail

For customers with Public Monitoring enabled, we're excited to announce the release of dedicated API endpoints, enabling programmatic access to manage Public Monitoring findings.

What's new?

We've introduced new endpoints that allow you to:

  • Manage and interact with public secret incidents
  • List public perimeter developers information The new endpoints maintain consistency with our internal incidents API structure, ensuring a familiar experience for existing API users.

Why does this matter?

With these new API endpoints, you can:

  • Integrate GitGuardian's public monitoring capabilities directly into your existing security tools
  • Create automated workflows to handle incidents more efficiently
  • Reduce response time by eliminating manual platform interactions

Check our API documentation to get started.


Fixes

  • Incident permissions: Fixed an issue where assignees with "can view" permissions would be hidden from the incident's UI.
  • Slack integration: Fixed an issue where duplicate secret occurrences were created when thread replies were posted to channels in Slack.
  • JFrog Artifactory integration:
    • Fixed an error in repository last update date retrieval during recurrent scans.
    • Improved error handling and diagnostics for health check connectivity issues.

Extend your security coverage with Public Monitoring

calendar icon   Release Date: July 25, 2025

Public Monitoring Thumbnail

We're excited to announce the integration of Public Monitoring directly into the GitGuardian platform, bringing all your security modules under one unified, powerful experience. This consolidation streamlines workflows and creates powerful synergies for comprehensive secrets and NHI security.

Public Monitoring continuously scans public GitHub to detect exposed secrets related to your organization and developers. This proactive monitoring helps you identify and remediate security risks before they can be exploited by malicious actors, extending your security coverage beyond your direct control.

The solution offers:

  • Proactive risk detection: Identify exposed secrets as early as possible by scanning your defined public perimeter
  • Contextual intelligence: Understand the scope and severity of each incident with detailed investigation context
  • Unified incident management: Leverage the same powerful incident management capabilities across both public and internal monitoring
  • Enhanced cross-module insights: Benefit from integrated correlation with Internal Monitoring and NHI Governance, including exploration maps that show how publicly exposed secrets relate to your internal incidents, vaulted secrets or infrastructure usage

Public Monitoring is a module that requires a specific license. Contact us for availability and pricing information.

Migration timeline

This integrated Public Monitoring experience is available for new users starting today. If you're currently using our standalone Public Monitoring application, you'll continue to have full access to your existing service while we prepare your seamless migration to the unified platform. We'll reach out directly to coordinate your transition and ensure you can take advantage of these powerful new capabilities.

Learn more:


Enhancements

  • Custom webhooks: Enhanced webhook configuration with more granular event selection and support for Public Monitoring incident events (available to teams with Public Monitoring access). See the updated documentation.