Release Date: June 19, 2026

Every incident used to trigger an alert, a ticket, or an email regardless of how critical it was, leaving teams to drown in noise. Smart Notifiers lets you define per-channel rules so a notification is only sent for the incidents that matter - filtering by severity, ML risk score, validity, secret type, or GitGuardian tag, across both internal and public monitoring. No more third-party middleware to filter before routing.

Available now for custom webhook, Slack, and Microsoft Teams. Email alerting can also filter public monitoring incidents by severity.

Get started: configure rules from your notifier settings. See Alerting and notifications and the custom webhook, Slack, Microsoft Teams, and email alerting guides.

Coming next: ServiceNow & Jira, Splunk & PagerDuty, Discord, Email filtering beyond severity and internal monitoring support.

Enhancements​

• Overview analytics: now include Non-Human Identity (NHI) and Public Monitoring data.
• GitHub check runs: a new setting lets you skip merge commits in pull request check runs. When enabled, check runs only flag secrets introduced by commits authored on the PR branch, reducing false positives caused by secrets pulled in from the target branch via merge commits. See Detect secrets in real time in GitHub.
• GitHub check runs - large pull requests: check runs now skip the scan on pull requests above a configured size limit to protect your organization's shared GitHub API rate limit. Previously these pull requests would time out or fail. See Detect secrets in real time in GitHub.
• Ticketing integration: you can now dissociate a Jira or ServiceNow ticket from an incident directly from the incident detail page, without deleting the external ticket itself.
• ServiceNow ticketing integration: added support for the Feedback Received event in event-based notifications. See the ServiceNow integration guide.
• Incidents:
  • Added ability to filter incidents by closure reason.
  • Increased the character limit for secret value search on the incidents page, so longer secrets such as large JWTs are matched correctly.
• Historical scans: improved scanning performance on large repositories, reducing timeouts and scan failures.
• GitLab integration: Read-only tokens are now fully supported for GitLab group hook installations, with setup instructions for manual webhook creation displayed when needed.

Fixes​

• Security: fixed a cross-site scripting (XSS) vulnerability on the mTLS redirect page where the retry button URL could be manipulated via a query parameter.
• Developer share links: fixed an issue where custom remediation guidelines were not displayed on the incident share page.
• Public monitoring: clicking the incidents column on the Secret Graspers settings page now correctly navigates to the Incidents tab with the matching filter applied.
• Slack notifications: fixed a "this team does not exist" error that could occur when adding Slack alert notifications on free plan.
• Jira & Confluence: fixed an unknown scanning error caused by provider rate limits.
• GitHub: fixed a Forbidden error on unauthenticated requests to the GitHub API root endpoint.

  Release Date: April 23, 2026

We're excited to announce that the GitGuardian Slack app is now officially listed and approved on the Slack Marketplace, available in both US and EU regions ! This means you can install GitGuardian directly from Slack's app directory, and the peace of mind that comes with Slack's marketplace review process. Beyond marketplace approval, this release bundles several improvements to the Slack integration that make it more powerful, more privacy-aware, and easier to operate at scale.

What's new?

• Channel selection at setup time: You now choose which public channels to monitor during installation, instead of the app automatically joining every public channel. This gives you full control over your scanning perimeter from day one.
• File attachment scanning: Secrets hiding in file attachments dropped in channels and messages are now detected alongside text-based messages.
• Interactive messages (Beta): When GitGuardian detects a secret, it posts a threaded response directly in the original conversation with details about the finding and quick actions — including the ability to ignore low-risk incidents without leaving Slack.
• Enhanced privacy controls: Private channel names are now redacted for users who don't have access to those channels in Slack, fully respecting Slack's privacy model. A privacy information banner is also displayed during setup to clarify what GitGuardian can and cannot access.

Why does this matter?

Slack is where developers share code snippets, debug outputs, and configuration examples in real-time. These casual exchanges frequently contain accidentally pasted API keys, database credentials, and tokens that persist in chat history. With the new GitGuardian Slack app, you extend your proactive defense and efficiently streamline the efforts with the responsibles of the leaks!

Get started

1. Open the listing for your region: GitGuardian (US) or GitGuardian EU.
2. In GitGuardian, go to Settings → Integrations → Sources and install Slack from the Messaging section, then complete the OAuth flow for your workspace.

If you previously covered your Slack Perimeter with GitGuardian, you will need to reinstall your Slack App using the same procedure.

Check out the full Slack integration guide for perimeters, private channels, and interactive messages configuration.

---

Enhancements​

• Accessibility: Added support for Ctrl+Enter to submit forms, improving keyboard navigation efficiency.
• Jira Integration: Dynamic variables (e.g., {secretType}, {sourceName}, {sourceType}) can now be used across all Jira fields — including Labels, Summary, Priority, and custom fields — not just the description. Variables are interpolated at incident creation time, making it easier to build filtered Jira dashboards and reports. Learn more.

Fixes​

• Dashboard: Fixed an issue where filtering Personal Access Tokens could cause the UI to become unresponsive.
• Bitbucket Cloud Integration: Updated API calls to use the new workspace-scoped endpoints, following Bitbucket Cloud's deprecation of cross-workspace APIs.

  Release Date: October 25, 2025

We're excited to announce a major enhancement to our Slack integration that brings comprehensive notification coverage for all incident lifecycle events, honeytoken alerts, and public monitoring incidents. This unified notification framework provides complete visibility into your security posture directly in Slack.

What's new?

Complete Incident Lifecycle Coverage: Previously, Slack notifications only covered new incident detections and regression. Now you can receive notifications for every critical event including resolution, assignment, status changes, comments, access control, and sharing - giving you complete visibility into incident management workflows.

Public Monitoring Support: Public monitoring incidents can be sent directly to Slack channels, enabling teams to receive perimeter security alerts alongside internal monitoring alerts.

Honeytoken Alerting: Slack notifications now support honeytoken events, providing immediate alerts for honeytoken activity, previously only available via custom webhooks and email.

Flexible Configuration: Enhanced Slack webhook configuration allows teams to subscribe to specific event types per channel, providing granular control over notification preferences.

Why is this important?

Security teams need real-time visibility into all security events to respond quickly and effectively. This enhancement addresses key customer feedback about missing notification updates for incident resolution and status changes, while extending Slack integration to public monitoring and honeytoken.

Get Started Today!

This enhancement is automatically available for all workspaces. Existing Slack integrations will maintain their current notification settings, while new configurations can be set up with expanded event coverage.

Learn more about Slack integration configuration | Configure honeytoken alerts

Enhancements​

• GitGuardian Bridge: Extended support for GitGuardian Bridge to SaaS EU. Learn more about GG Bridge.
• Public API: Enabled editing of Custom Monitored Perimeter via Public API for all sources (except for custom sources).
• GitLab Integration: Improved performance of the GitLab source selection interface to prevent browser unresponsiveness when searching through large numbers of namespaces, groups, and repositories.

Fixes​

• Perimeter: Fixed an issue where the scan button was not visible for members who are not in the all incidents team.
• SSO: Fixed an issue preventing IDP configuration creation due to missing default SCIM team permissions.
• Sources:
  • Fixed tooltip displaying "unknown error" for failed scans when the actual reason was branch deletion.
  • Resolved JFrog Container Registry health check failure when the first registry contains no repositories.
• Incidents:
  • Fixed an issue where occurrences displayed incorrect commit and file information, ensuring accurate incident tracking data.
  • Fixed an issue where the "Requires code fixing" section failed to load in some condition.