Skip to main content

5 posts tagged with "secrets-detection"

View All Tags

Historical Scanning now available for Jira and Confluence Cloud sources.

calendar icon   Release Date: April 29, 2025

Jira Confluence historical scan Thumbnail

We’re excited to announce a significant enhancement to our secret detection capabilities for Jira and Confluence Cloud: historical scanning is now available!

What's new?

Previously, our integration would surface hardcoded secrets in real-time, alerting you to newly introduced risks as soon as they appeared. With this update, we’re extending our detection to include secrets that were leaked in the past—not just those introduced going forward.

Why does this matter?

Once a secret is leaked, it should always be considered compromised, regardless of when the leak occurred. By surfacing historical secrets, you can now:

  • Identify and remediate old, forgotten leaks that may still pose a security risk.
  • Achieve a more comprehensive security posture by ensuring that no secrets—past or present—slip through the cracks.
  • Take proactive action to rotate or revoke secrets that may have been exposed long ago.

Check out our public documentation to enable the feature now:


Enhancements

  • API: Introduced a new endpoint GET to the Public API, allowing users to retrieve invitation details.

Fixes

  • ServiceNow Integration: Redirects to the proper URL when checking hardcoded secrets in ServiceNow sources.

Secure your Non-Human Identities with NHI Governance

calendar icon   Release Date: April 23, 2025

NHI Governance Thumbnail

We're proud to introduce NHI Governance our brand new solution designed to help you manage and secure your Non-Human Identities (NHIs) and related secrets.

As organizations face exponential growth in machine identities, NHI Governance delivers a comprehensive observability and lifecycle management across all your environments. Integrating with leading secrets managers and other sources from your infrastructure, such as CI/CD pipelines or Kubernetes Clusters, it centralizes inventory, helps you assess your posture, and enforces security policies.

The solution offers:

  • Deep contextual insights, mapping relationships between secrets, their consumers, and resources, drastically reducing incident response times.
  • Advanced analytics helps you identify risks like overprivileged NHIs and track hygiene metrics.
  • Policy enforcement aligns your posture with standards such as the OWASP NHI Top 10.

NHI Governance empowers you to regain control over your NHIs and tied secrets, reduce risk, accelerate compliance tasks, and improve hygiene by addressing orphaned, untracked, or overprivileged credentials.

Ready to start your journey towards safer secrets management? Request access to GitGuardian NHI Governance by contacting your Sales Representative or Customer Success Manager.

Learn more:


Enhancements

  • Jira Configuration: Introduced a new layout for the Jira Configuration form to enhance user experience and streamline configuration tasks.
  • Navigation Improvements:
    • Added persistent section state to remember your navigation preferences and updated browser tab titles for better identification when managing multiple tabs.
    • Added a "Skip to Main Content" button for better accessibility. When using keyboard navigation, pressing the Tab key reveals the button, which allows users to bypass navigation menus and jump directly to the main content area.

Fixes

  • GitLab Integration: Resolved an issue where system hook checks returned a 403 forbidden error when using a read-only token.

Explore and prioritize your Generic Incidents

calendar icon   Release Date: March 10, 2025

GSE-filters

We are excited to unveil the "Generic Secret Enricher V1", a machine learning model designed to enhance our capabilities in generic secret detection. This innovative model analyzes the entire context of a document, identifying the company and category associated with a secret, thereby providing meaningful insights to help users understand the origin and type of a discovered secret.

New Features

  • Contextual Analysis: Upon detection of a generic secret, our platform analyzes the full document context to determine the associated provider or category of a secret.

  • Efficient Classification: This feature reduces the need for manual classification, enabling users to quickly comprehend the source and nature of a discovered generic secret.

  • New Filters: We've introduced three new filters - Provider, Category, Family - to help identify critical generic incidents. To use these, filter your incidents by the "Generic" type, then apply a combination of these filters.

Goals

Our long-term goal is to provide you with actionable insights, prioritize their generic incidents, and improve their remediation efforts.

Usage

To use the new filters, simply filter your incidents by the "Generic" type, then apply a combination of the Provider, Category, and Family filters. This will help you identify the most significant or critical generic incidents, such as those classified under "Data Storage" or linked to the provider "Postgresql".

Fixes

  • Jira Cloud Issue Tracking Integration: Resolved an issue where integration entered an invalid state after being uninstalled.
  • Microsoft Teams Alerts for Security Incidents: Resolved an issue where the wrong team was displayed during configuration.

Leverage insights from your Secrets Managers

calendar icon   Release Date: February 28, 2025

Secrets Managers Thumbnail

GitGuardian now integrates with AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, Google Secret Manager, Delinea, and Akeyless through ggscout, letting you sync secret incidents with your Secrets Managers—without exposing sensitive data.

What’s in it for you?

  • Prioritize Faster – Instantly see which secrets are already vaulted and focus on real risks.
  • Remediate Quicker – Vault unprotected secrets in a click and speed up fixes.
  • Streamline Workflows – Leverage vaulted secrets insights directly in GitGuardian.
  • Improve Secrets Hygiene – Spot duplicate, weak, or mismanaged secrets with ggscout.
  • Simplify Vault Consolidation – Track migrations, filter secrets, and purge outdated ones effortlessly.

Secrets Managers Tag

ServiceNow secret scanning

calendar icon   Release Date: January 28, 2025

ServiceNow Integration ServiceNow is now supported for secrets detection and honeytoken detection, enabling automated tracking of security incidents. Learn more


Enhancements

  • Jira Data Center Integration: Added support for "User Picker (single user)" custom fields in Jira templates for improved issue tracking. Learn more

Fixes

  • GitLab Integration: Improved support for instances with over 50,000 GitLab projects, enabling better visibility in integration settings.
  • Azure Repos Integration: Fixed an issue where organization deletions were not properly synced when using ADO installations in Organization-mode.
  • PagerDuty Alerts for Security Incidents: Resolved an issue that prevented real-time alerts from being sent.