Release date: December 17, 2025

We're excited to introduce risk score — an ML-powered feature available to Business workspaces that helps you focus on the incidents that matter most.

What's new​

Each incident now includes a risk score ranging from 0 to 100, where 100 indicates the highest risk and 0 the lowest. The score automatically assesses threat level by analyzing multiple signals including secret type, validity, detection context, and exposure patterns.

Key capabilities:

• Granular prioritization: 0-100 scale for fine-tuned incident triage
• Flexible filtering and sorting: Filter by risk score range and sort by priority in your incidents table
• Updated "Critical" saved view: Now shows incidents with risk score above 80 for immediate focus on highest-priority threats
• Availability: Risk score is available for both Internal Monitoring and Public Monitoring.

Why it matters​

The risk score cuts through the noise and helps you focus on critical incidents first. No more asking "where do I start?" or "which incidents are truly important?"—the ML model does the prioritization work for you.

---

Enhancements​

• Detectors: Some detectors are now flagged as non-business and disabled by default for business accounts to reduce noise (related incidents are therefore hidden). Use the new "Recommended for business" filter in detector settings to identify and re-enable them if needed.

  Release Date: October 17, 2025

We're excited to announce an enhancement to ggshield that will streamline your remediation workflow: secret managers’ information is now available for secrets detected in integrated secrets managers!

What does this mean for you?

Enhanced Remediation Context: Previously, ggshield only indicated whether a secret was present in an integrated vault. Now you get the complete picture with specific vault names and exact paths, enabling faster and more precise remediation decisions.

Streamlined Developer Experience: Developers now receive detailed guidance directly in their CI pipelines and local environments, reducing the time spent investigating where secrets are stored and how to properly remediate them.

Why is this important?

In today's complex infrastructure landscape, secrets are often distributed across multiple vault systems. By providing precise vault location information, we empower development teams to act swiftly and accurately, significantly reducing investigation time and improving security posture across your organization.

Get Started Today!

This enhancement is automatically available in the latest version of ggshield. Update ggshield to 1.42+ to start benefiting from enhanced vault information display in your scanning workflows.

Check out our documentation to learn more.

Enhancements​

• Incidents: Added developer identity display for skipped secrets in GitHub Pull Request security checks, enabling SecOps to track accountability and follow up on security decisions during incident reviews.

Fixes​

• Plan: Fixed an issue where Enterprise plan customers were incorrectly shown as Business plan in the dashboard. The plan display now accurately reflects Enterprise subscriptions.
• Incidents search: Resolved a bug where search filters persisted without visible search text after page navigation, causing user confusion.
• Link to secret in internal source: Fixed an issue where some "View secret" links from historical scan occurrences did not navigate to the exact line in the commit.

  Release Date: September 23, 2025

We're thrilled to introduce Secret Revocation directly from the GitGuardian platform for supported providers, including GitHub, GitLab, and OpenAI. This enhancement is designed to accelerate your incident response process, reducing manual efforts and enabling you to quickly prevent attackers from leveraging your compromised secrets.

How it works:

• Quickly identify revocable secrets: Using the newly introduced Revocable by GitGuardian Tag.
• Access Controls: Requires full-access permissions on the incidents.
• Instant Revocation: Revoke secrets immediately using the call-to-acttion from the incident detail view.
• Safety First: Includes a confirmation step to prevent accidental revocations.
• Closing the incident loop: Automatically resolves incidents when valid secrets are revoked.
• Comprehensive Audit Trail: Every revocation activities are tracked and logged within the incident timeline for compliance and auditing purposes.

Assess the impact first:

To prevent operational disruption, always assess the impact of a revocation first. GitGuardian provides the context you need to evaluate the risk, including identifying which workloads depend on the credential, so you can act confidently.

Why it matters:

Manual secret revocation is traditionally slow and complex, as it often involves different teams. This delays the incident response and increases the security risk compromised secrets pose. This integrated revocation feature significantly shortens secret exposure times and expedites incident response workflows, especially once the investigation confirms secret shall be revoked.

Learn more about revocation.

---

Enhancements​

• Public API: Added Container Registries endpoints to the public API documentation.
• Pattern Exclusion: Improved performance and memory usage when checking the impact of secret pattern exclusions.

Fixes​

• Container Registries Integrations: Fixed authentication error with Google Artifact Registry that was causing scan failures.
• Explore: Fixed incorrect secret count display in scan results to ensure consistency with actual detected secrets.

  Release Date: September 17, 2025

We're excited to introduce AI Filters - use natural language to navigate through Incidents, Perimeter, and Audit Logs. Finding what you need has never been easier.

What it does:

• Type queries in plain English (e.g., "Show me critical incidents from last week")
• AI automatically converts your request into the appropriate filters
• Works alongside your existing filter settings
• Save AI-generated filters as views for team sharing

Available in: Incidents, Perimeter, and Audit Logs

Look for the AI input field in your filter bars to get started! Learn more about AI filters.

---

Enhancements​

• Confluence Cloud Integration: Enhanced Confluence Cloud secret scanning to work with outbound-only network connections through OAuth2 authentication, eliminating the need for inbound access previously required by Connect app installations. This improvement enables organizations with strict network policies to securely scan their Confluence Cloud content using historical scanning capabilities. Learn more
• GitHub Check Runs: Added option to include public share links in check runs, enabling developers outside your workspace to access and resolve incident details directly from pull requests without requiring GitGuardian dashboard access. Learn more
• Security: Added Content Security Policy (CSP) headers to improve browser security.

Fixes​

• Remediation tracking: Disabled file tracking for non-default branches. Learn more
• Perimeter:
  • Fixed "invalid time value" error when applying filters with running bulk scans.
  • Fixed scan bar and buttons visibility for team members not in the global team.
• Notifications:
  • Fixed Honeytoken events to only appear in "All incidents" team notifications instead of all teams.
  • Fixed custom webhook URL validation to properly handle escaped URLs.
• Integrations:
  • Fixed installation validation blocking customers from setting up on-prem JFrog Docker registry integration.
  • Fixed direct URL display in occurrences for older Confluence Data Center versions.

  Release Date: July 23, 2025

We're excited to announce a major update to Internal Monitoring: comprehensive analytics dashboards that empower you to monitor, investigate, and improve your organization's security posture across four key dimensions—Protect, Detect, Remediate, and Prevent.

Get answers to your most important security questions with new, interactive charts and tables:

Are your code repositories fully monitored for secrets? See the Count of sources chart to track the percentage of monitored repositories over time.

Which types of secrets are most frequently detected in your codebase? Explore the Most detected secrets chart to identify the most common secret types found.

Which teams and sources are most at risk for secret leaks? Check the Top teams by incident count and Top sources by incident count tables to pinpoint where incidents originate.

Is your team resolving security incidents quickly enough? Review the Median time to remediate chart to monitor how fast incidents are being resolved.

How effective are your secret prevention tools in stopping leaks before they happen? Analyze the Total count of incidents avoided by GGShield and GGShield scans over time charts to measure prevention and adoption.

With these new analytics, you can:

• Visualize monitoring coverage and trends
• Identify the most common and riskiest secrets
• Track incident detection and remediation performance
• Measure the impact of prevention tools like GGShield
• Drill down by team, source, and severity for targeted action

Start exploring the new dashboards today to drive smarter, data-driven security decisions!

Read documentation

---

Enhancements​

• GitLab integration: Configuration of multiple GitLab integrations using both system hooks and group hooks simultaneously is now supported

  Release Date: April 14, 2025

We're excited to announce Secrets Analyzer, a new enhancement to our secrets detection capabilities.

Secrets Analyzer automatically gathers additional context for detected secrets, including their associated scopes, permissions, ownership, and relevant perimeter information where available.

This added intelligence helps security teams:

• Evaluate the potential impact of a secret incident more accurately.
• Prioritize remediation efforts based on risk level.
• Streamline the overall incident response process.

For details on how each analyzer works, including metadata collected and validation calls:

• Explore the Secret Analyzers documentation.
• View the full list of Available Analyzers.
• See a specific example for the Jira Token Secret Analyzer.

---

Enhancements​

• Incidents: Added a new filter to improve incident categorization based on the presence or absence of Jira Data Center tickets.
• Custom Tags: Users can now create custom tags directly from search queries in the dashboard.
• Custom webhook: Add the team name and webhook name to the custom webhook payload for incidents and occurrences. Learn more.

Fixes​

• GitLab Integration:
  • Fixed an issue where multiple emails were sent for failures in multiple group hooks on the same GitLab instance, ensuring only one email is sent per instance.
  • We improved the process for read-only token installations by automatically detecting and updating the webhook ID if the webhook was created manually.
  • Fixed unnecessary scans triggered by webhooks related to unmonitored repositories.
• Incidents: Fixed a bug that could cause unnecessary data refresh on the incidents list when switching browser tabs.

  Release Date: March 24, 2025

Take control of incident management with custom tags. This feature allows you to categorize, filter, and search incidents using customized labels, offering greater flexibility in tracking and prioritizing incidents, and improving remediation workflows.

For developers, you can interact with custom tags via the API. For more information, visit the API documentation.

For more details on how to use custom tags within the GitGuardian platform, check out our detailed guide.

---

Enhancements​

You now have two options for receiving incident email notifications: "All incidents" (default) or "Only incidents involving yourself (based on your Git commit email)", learn more about email preferences.

  Release Date: March 19, 2025

We are excited to introduce Secret detection for Container Registries, including:

• Azure Container Registry
• Amazon Elastic Container Registry
• Google Artifact Registry
• JFrog Container Registry
• DockerHub

Secrets often end up in container images due to common mistakes during development and image creation, mainly:

• Hardcoding Secrets in Code: Developers may directly embed sensitive credentials, such as API keys or passwords, into application code, which gets packaged into container images.
• Misconfigured Dockerfiles: Commands like ENV or RUN in Dockerfiles can inadvertently expose sensitive data during the build process.

By identifying and addressing hardcoded credentials early in the development pipeline, this feature significantly minimizes the risk of security breaches, helping you prevent the unintended exposure of sensitive information before it even reaches production.

Check out our Blog Post to learn more and our documentation to enable the feature now:

• Amazon ECR
• Azure Container Registry
• Docker Hub
• Google Artifact Registry
• JFrog Container Registry

---

Fixes​

• Jira Cloud Issue Tracking Integration: Fixed an issue where Jira project keys were incorrectly changed during synchronization.

  Release Date: March 10, 2025

We are excited to unveil the "Generic Secret Enricher V1", a machine learning model designed to enhance our capabilities in generic secret detection. This innovative model analyzes the entire context of a document, identifying the company and category associated with a secret, thereby providing meaningful insights to help users understand the origin and type of a discovered secret.

New Features​

• Contextual Analysis: Upon detection of a generic secret, our platform analyzes the full document context to determine the associated provider or category of a secret.

• Efficient Classification: This feature reduces the need for manual classification, enabling users to quickly comprehend the source and nature of a discovered generic secret.

• New Filters: We've introduced three new filters - Provider, Category, Family - to help identify critical generic incidents. To use these, filter your incidents by the "Generic" type, then apply a combination of these filters.

Goals​

Our long-term goal is to provide you with actionable insights, prioritize their generic incidents, and improve their remediation efforts.

Usage​

To use the new filters, simply filter your incidents by the "Generic" type, then apply a combination of the Provider, Category, and Family filters. This will help you identify the most significant or critical generic incidents, such as those classified under "Data Storage" or linked to the provider "Postgresql".

Fixes​

• Jira Cloud Issue Tracking Integration: Resolved an issue where integration entered an invalid state after being uninstalled.
• Microsoft Teams Alerts for Security Incidents: Resolved an issue where the wrong team was displayed during configuration.

  Release Date: February 28, 2025

GitGuardian now integrates with AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, Google Secret Manager, Delinea, and Akeyless through ggscout, letting you sync secret incidents with your Secrets Managers—without exposing sensitive data.

What’s in it for you?

• Prioritize Faster – Instantly see which secrets are already vaulted and focus on real risks.
• Remediate Quicker – Vault unprotected secrets in a click and speed up fixes.
• Streamline Workflows – Leverage vaulted secrets insights directly in GitGuardian.
• Improve Secrets Hygiene – Spot duplicate, weak, or mismanaged secrets with ggscout.
• Simplify Vault Consolidation – Track migrations, filter secrets, and purge outdated ones effortlessly.