Release Date: May 20, 2026

Cut incident triage time by getting straight to the right list. The search bar now answers the questions you actually ask during triage - "what did Alice leak in the last 3 months?", "which unassigned critical incidents need owners?" - without forcing you through a chain of filter menus.

What's new?

• Search by secret value: paste a secret directly into the bar to see if it's already raised an incident. The value is hashed in your browser before being sent, so the plaintext never leaves your device.
• Search by commit author: type a developer's name or email fragment (e.g. @contractor.com) to surface every incident with at least one occurrence introduced by that person.
• Search by file path: type any portion of a path (e.g. .env, docker-compose.yml, config/secrets) to filter incidents whose occurrences match.
• Search by source name: type any portion of a repository, channel, drive, or project name to scope the page to that source.
• Natural language search (AI Filters): when AI Filters are enabled on your workspace, type a full sentence and GitGuardian translates it into the right combination of filters - for example, Open critical unassigned incidents related to cloud providers.

All search modes compose. You can mix structured filters, raw text, and a natural-language prompt in the same query, and save the result as a view to share with your team.

Why is this important?

Incident triage is fastest when you don't have to leave the page or know the exact filter name. By making the search bar the single entry point for every way you might describe what you're looking for, GitGuardian removes a layer of clicking from your day-to-day triage workflow - whether you're chasing a specific token, auditing a developer, or scoping leaks to a critical file.

Get Started Today!

The new search modes are available immediately on every workspace, on every plan. Natural language search requires AI Filters to be activated - see AI settings for the workspace settings and self-hosted prerequisites.

Learn more about the search bar

Enhancements​

• Microsoft Teams notifications: Backfilled the Issue Regression event for existing Microsoft Teams notifier configurations - channels now alert when a previously resolved incident reopens, in addition to new incidents and new occurrences. Learn more
• JFrog Artifactory scanning: Incident details now capture additional metadata for secrets found in JFrog Artifactory, making it easier to identify the leak author and assign incidents to the right owner.
• Sources health management — Jira Cloud: GitGuardian now pauses real-time ingestion and historical scans on unreachable Jira Cloud sources, auto-resumes them once health is restored, and surfaces an actionable recovery step. Rolling out to more integrations in upcoming releases. See the Jira Cloud integration guide.
• Risk score in alerting and ticketing: Incident risk score update events are now available in Custom Webhook, Slack, Microsoft Teams, ServiceNow, Jira Cloud, and Jira Data Center.

Fixes​

• Secret revocation: Fixed a case where revoking a Sendgrid API key from GitGuardian could surface a misleading error because the validity check was not re-run after the revocation request.
• Team perimeter: Restored the ability to bulk select all results when adding JFrog Artifactory sources to a team perimeter, previously broken on workspaces with large Artifactory repositories.
• GitHub health check: The GitHub and GitHub Enterprise health check now probes the documented /meta endpoint instead of the API root. This fixes false Unhealthy statuses reported after upgrading to GitHub Enterprise Server 3.19.4.
• Analytics: Fixed an issue where GitHub PR Check runs analytics dashboards were not displayed for GitHub Enterprise integrations.
• Perimeter performance: The source list now renders independently of the overview sidebar queries, fixing failed page renders on workspaces with very large source inventories (200k+ sources).

  Release Date: March 10, 2026

We are introducing a unified approach to public exposure information for secrets detected in Internal Monitoring. This update consolidates how we display public exposure, making it easier to understand and act on publicly visible secrets.

What's changing?

• Single tag: The "Publicly exposed" and "Publicly leaked" tags are now consolidated into a single "Publicly leaked" tag that appears whenever a secret has any type of public exposure.
• New "Public exposure" property: A new property provides detailed information about the nature of the exposure, categorized into three types:
  • Source is publicly visible: The incident has at least one occurrence in a monitored source that is publicly visible.
  • Has linked public incident: The secret also appears in public incidents from your public perimeter (requires Public Monitoring).
  • Found outside perimeter: The secret was found in public locations unrelated to your company, such as repositories you don't own (requires Public Monitoring for full details).

A new default saved view "Public exposure" and a dedicated column are available to help you filter and view exposure details.

👉 Learn more about public exposure

  Release Date: December 19, 2025

We're launching a streamlined Overview Analytics page that gives executives an instant pulse on security posture. At the top, unified KPIs for Protect, Detect, Remediate, and Govern surface repository coverage, incident volume, remediation speed, and identity safeguards—all at a glance.

What does this mean for you?

• Unified KPI Strip: Quick status check across all security dimensions—repository coverage, critical incidents, remediation time, and governance metrics.
• Monitored Perimeter Trends: Visualize how your monitored repository count evolves week over week.
• Top Risky Data Sources: Identify which repositories generate the most critical and high-severity incidents.
• Critical Incident Trajectories: Track how incident volume changes over time to spot emerging risks.
• Most Common Secret Types: Understand which secret categories appear most frequently in your perimeter.
• Closure Progress: Monitor remediation performance including auto-closures and manual resolutions.
• Governance Signals: View vaulted secrets and breached policies for NHI governance insights.

Why is this important?

This view is purpose-built for leadership reviews and status reporting. Use it to:

1. Identify where risk concentrates: Quickly pinpoint which data sources need immediate attention.
2. Measure response speed: Track how fast teams respond to security incidents.
3. Plan coverage expansion: Understand where monitoring should grow next.
4. Demonstrate progress: Show month-over-month / quarter-over-quarter improvements in security posture.

Get started

Navigate to Analytics > Overview to access the new dashboard. Use the KPI strip for a quick status check, then drill into each section to pinpoint hotspots and validate remediation performance.

Learn more about Analytics overview

---

Fixes​

• Risk Score: Removed an empty bullet point that appeared in the risk score explanation when no specific factors were highlighted.
• GitHub Check runs: Fixed an issue where check runs continued to run and block pull requests despite being disabled by property.

  Release date: December 17, 2025

We're excited to introduce risk score — an ML-powered feature available to Business workspaces that helps you focus on the incidents that matter most.

What's new

Each incident now includes a risk score ranging from 0 to 100, where 100 indicates the highest risk and 0 the lowest. The score automatically assesses threat level by analyzing multiple signals including secret type, validity, detection context, and exposure patterns.

Key capabilities:

• Granular prioritization: 0-100 scale for fine-tuned incident triage
• Flexible filtering and sorting: Filter by risk score range and sort by priority in your incidents table
• Updated "Critical" saved view: Now shows incidents with risk score above 80 for immediate focus on highest-priority threats
• Availability: Risk score is available for both Internal Monitoring and Public Monitoring on the Business & Enterprise plans.

Why it matters

The risk score cuts through the noise and helps you focus on critical incidents first. No more asking "where do I start?" or "which incidents are truly important?"—the ML model does the prioritization work for you.

📖 Learn more: How Machine Learning Transforms Security Alert Chaos into Actionable Intelligence

---

Enhancements​

• Detectors: Some detectors are now flagged as non-business and disabled by default for business accounts to reduce noise (related incidents are therefore hidden). Use the new "Recommended for business" filter in detector settings to identify and re-enable them if needed.

  Release Date: October 17, 2025

We're excited to announce an enhancement to ggshield that will streamline your remediation workflow: secret managers’ information is now available for secrets detected in integrated secrets managers!

What does this mean for you?

Enhanced Remediation Context: Previously, ggshield only indicated whether a secret was present in an integrated vault. Now you get the complete picture with specific vault names and exact paths, enabling faster and more precise remediation decisions.

Streamlined Developer Experience: Developers now receive detailed guidance directly in their CI pipelines and local environments, reducing the time spent investigating where secrets are stored and how to properly remediate them.

Why is this important?

In today's complex infrastructure landscape, secrets are often distributed across multiple vault systems. By providing precise vault location information, we empower development teams to act swiftly and accurately, significantly reducing investigation time and improving security posture across your organization.

Get Started Today!

This enhancement is automatically available in the latest version of ggshield. Update ggshield to 1.42+ to start benefiting from enhanced vault information display in your scanning workflows.

Check out our documentation to learn more.

Enhancements​

• Incidents: Added developer identity display for skipped secrets in GitHub Pull Request security checks, enabling SecOps to track accountability and follow up on security decisions during incident reviews.

Fixes​

• Plan: Fixed an issue where Enterprise plan customers were incorrectly shown as Business plan in the dashboard. The plan display now accurately reflects Enterprise subscriptions.
• Incidents search: Resolved a bug where search filters persisted without visible search text after page navigation, causing user confusion.
• Link to secret in internal source: Fixed an issue where some "View secret" links from historical scan occurrences did not navigate to the exact line in the commit.

  Release Date: September 23, 2025

We're thrilled to introduce Secret Revocation directly from the GitGuardian platform for supported providers, including GitHub, GitLab, and OpenAI. This enhancement is designed to accelerate your incident response process, reducing manual efforts and enabling you to quickly prevent attackers from leveraging your compromised secrets.

How it works:

• Quickly identify revocable secrets: Using the newly introduced Revocable by GitGuardian Tag.
• Access Controls: Requires full-access permissions on the incidents.
• Instant Revocation: Revoke secrets immediately using the call-to-acttion from the incident detail view.
• Safety First: Includes a confirmation step to prevent accidental revocations.
• Closing the incident loop: Automatically resolves incidents when valid secrets are revoked.
• Comprehensive Audit Trail: Every revocation activities are tracked and logged within the incident timeline for compliance and auditing purposes.

Assess the impact first:

To prevent operational disruption, always assess the impact of a revocation first. GitGuardian provides the context you need to evaluate the risk, including identifying which workloads depend on the credential, so you can act confidently.

Why it matters:

Manual secret revocation is traditionally slow and complex, as it often involves different teams. This delays the incident response and increases the security risk compromised secrets pose. This integrated revocation feature significantly shortens secret exposure times and expedites incident response workflows, especially once the investigation confirms secret shall be revoked.

Learn more about revocation.

---

Enhancements​

• Public API: Added Container Registries endpoints to the public API documentation.
• Pattern Exclusion: Improved performance and memory usage when checking the impact of secret pattern exclusions.

Fixes​

• Container Registries Integrations: Fixed authentication error with Google Artifact Registry that was causing scan failures.
• Explore: Fixed incorrect secret count display in scan results to ensure consistency with actual detected secrets.

  Release Date: September 17, 2025

We're excited to introduce AI Filters - use natural language to navigate through Incidents, Perimeter, and Audit Logs. Finding what you need has never been easier.

What it does:

• Type queries in plain English (e.g., "Show me critical incidents from last week")
• AI automatically converts your request into the appropriate filters
• Works alongside your existing filter settings
• Save AI-generated filters as views for team sharing

Available in: Incidents, Perimeter, and Audit Logs

Look for the AI input field in your filter bars to get started! Learn more about AI filters.

---

Enhancements​

• Confluence Cloud Integration: Enhanced Confluence Cloud secret scanning to work with outbound-only network connections through OAuth2 authentication, eliminating the need for inbound access previously required by Connect app installations. This improvement enables organizations with strict network policies to securely scan their Confluence Cloud content using historical scanning capabilities. Learn more
• GitHub Check Runs: Added option to include public share links in check runs, enabling developers outside your workspace to access and resolve incident details directly from pull requests without requiring GitGuardian dashboard access. Learn more
• Security: Added Content Security Policy (CSP) headers to improve browser security.

Fixes​

• Remediation tracking: Disabled file tracking for non-default branches. Learn more
• Perimeter:
  • Fixed "invalid time value" error when applying filters with running bulk scans.
  • Fixed scan bar and buttons visibility for team members not in the global team.
• Notifications:
  • Fixed Honeytoken events to only appear in "All incidents" team notifications instead of all teams.
  • Fixed custom webhook URL validation to properly handle escaped URLs.
• Integrations:
  • Fixed installation validation blocking customers from setting up on-prem JFrog Docker registry integration.
  • Fixed direct URL display in occurrences for older Confluence Data Center versions.

  Release Date: July 23, 2025

We're excited to announce a major update to Internal Monitoring: comprehensive analytics dashboards that empower you to monitor, investigate, and improve your organization's security posture across four key dimensions—Protect, Detect, Remediate, and Prevent.

Get answers to your most important security questions with new, interactive charts and tables:

Are your code repositories fully monitored for secrets? See the Count of sources chart to track the percentage of monitored repositories over time.

Which types of secrets are most frequently detected in your codebase? Explore the Most detected secrets chart to identify the most common secret types found.

Which teams and sources are most at risk for secret leaks? Check the Top teams by incident count and Top sources by incident count tables to pinpoint where incidents originate.

Is your team resolving security incidents quickly enough? Review the Median time to remediate chart to monitor how fast incidents are being resolved.

How effective are your secret prevention tools in stopping leaks before they happen? Analyze the Total count of incidents avoided by GGShield and GGShield scans over time charts to measure prevention and adoption.

With these new analytics, you can:

• Visualize monitoring coverage and trends
• Identify the most common and riskiest secrets
• Track incident detection and remediation performance
• Measure the impact of prevention tools like GGShield
• Drill down by team, source, and severity for targeted action

Start exploring the new dashboards today to drive smarter, data-driven security decisions!

Read documentation

---

Enhancements​

• GitLab integration: Configuration of multiple GitLab integrations using both system hooks and group hooks simultaneously is now supported

  Release Date: April 14, 2025

We're excited to announce Secrets Analyzer, a new enhancement to our secrets detection capabilities.

Secrets Analyzer automatically gathers additional context for detected secrets, including their associated scopes, permissions, ownership, and relevant perimeter information where available.

This added intelligence helps security teams:

• Evaluate the potential impact of a secret incident more accurately.
• Prioritize remediation efforts based on risk level.
• Streamline the overall incident response process.

For details on how each analyzer works, including metadata collected and validation calls:

• Explore the Secret Analyzers documentation.
• View the full list of Available Analyzers.
• See a specific example for the Jira Token Secret Analyzer.

---

Enhancements​

• Incidents: Added a new filter to improve incident categorization based on the presence or absence of Jira Data Center tickets.
• Custom Tags: Users can now create custom tags directly from search queries in the dashboard.
• Custom webhook: Add the team name and webhook name to the custom webhook payload for incidents and occurrences. Learn more.

Fixes​

• GitLab Integration:
  • Fixed an issue where multiple emails were sent for failures in multiple group hooks on the same GitLab instance, ensuring only one email is sent per instance.
  • We improved the process for read-only token installations by automatically detecting and updating the webhook ID if the webhook was created manually.
  • Fixed unnecessary scans triggered by webhooks related to unmonitored repositories.
• Incidents: Fixed a bug that could cause unnecessary data refresh on the incidents list when switching browser tabs.

  Release Date: March 24, 2025

Take control of incident management with custom tags. This feature allows you to categorize, filter, and search incidents using customized labels, offering greater flexibility in tracking and prioritizing incidents, and improving remediation workflows.

For developers, you can interact with custom tags via the API. For more information, visit the API documentation.

For more details on how to use custom tags within the GitGuardian platform, check out our detailed guide.

---

Enhancements​

You now have two options for receiving incident email notifications: "All incidents" (default) or "Only incidents involving yourself (based on your Git commit email)", learn more about email preferences.

  Release Date: March 19, 2025

We are excited to introduce Secret detection for Container Registries, including:

• Azure Container Registry
• Amazon Elastic Container Registry
• Google Artifact Registry
• JFrog Container Registry
• DockerHub

Secrets often end up in container images due to common mistakes during development and image creation, mainly:

• Hardcoding Secrets in Code: Developers may directly embed sensitive credentials, such as API keys or passwords, into application code, which gets packaged into container images.
• Misconfigured Dockerfiles: Commands like ENV or RUN in Dockerfiles can inadvertently expose sensitive data during the build process.

By identifying and addressing hardcoded credentials early in the development pipeline, this feature significantly minimizes the risk of security breaches, helping you prevent the unintended exposure of sensitive information before it even reaches production.

Check out our Blog Post to learn more and our documentation to enable the feature now:

• Amazon ECR
• Azure Container Registry
• Docker Hub
• Google Artifact Registry
• JFrog Container Registry

---

Fixes​

• Jira Cloud Issue Tracking Integration: Fixed an issue where Jira project keys were incorrectly changed during synchronization.

  Release Date: March 10, 2025

We are excited to unveil the "Generic Secret Enricher V1", a machine learning model designed to enhance our capabilities in generic secret detection. This innovative model analyzes the entire context of a document, identifying the company and category associated with a secret, thereby providing meaningful insights to help users understand the origin and type of a discovered secret.

New Features​

• Contextual Analysis: Upon detection of a generic secret, our platform analyzes the full document context to determine the associated provider or category of a secret.

• Efficient Classification: This feature reduces the need for manual classification, enabling users to quickly comprehend the source and nature of a discovered generic secret.

• New Filters: We've introduced three new filters - Provider, Category, Family - to help identify critical generic incidents. To use these, filter your incidents by the "Generic" type, then apply a combination of these filters.

Goals​

Our long-term goal is to provide you with actionable insights, prioritize their generic incidents, and improve their remediation efforts.

Usage​

To use the new filters, simply filter your incidents by the "Generic" type, then apply a combination of the Provider, Category, and Family filters. This will help you identify the most significant or critical generic incidents, such as those classified under "Data Storage" or linked to the provider "Postgresql".

Fixes​

• Jira Cloud Issue Tracking Integration: Resolved an issue where integration entered an invalid state after being uninstalled.
• Microsoft Teams Alerts for Security Incidents: Resolved an issue where the wrong team was displayed during configuration.

  Release Date: February 28, 2025

GitGuardian now integrates with AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, Google Secret Manager, Delinea, and Akeyless through ggscout, letting you sync secret incidents with your Secrets Managers—without exposing sensitive data.

What’s in it for you?

• Prioritize Faster – Instantly see which secrets are already vaulted and focus on real risks.
• Remediate Quicker – Vault unprotected secrets in a click and speed up fixes.
• Streamline Workflows – Leverage vaulted secrets insights directly in GitGuardian.
• Improve Secrets Hygiene – Spot duplicate, weak, or mismanaged secrets with ggscout.
• Simplify Vault Consolidation – Track migrations, filter secrets, and purge outdated ones effortlessly.