Ongoing
Currently being developed
New "AI" workspace setting
The “AI” settings page will provide workspace admins with self-service controls to authorize or deny the use of AI in their workspaces.
Automated playbook: Auto-close low-risk incidents
Implement an automated playbook that closes incidents with a risk score under 25, targeting events stemming from test files, documentation, examples, and other clearly low-priority contexts.
Public Source - GitHub Gists and Events
Add GitHub Gists and public Events as public monitoring sources, extending secret detection coverage across the broader GitHub ecosystem beyond repositories.
Natural language to filters
Let users describe what they're looking for in plain language and automatically translate it into dashboard filters, reducing friction for incident triage.
Attachments scanning on Atlassian integrations
Jira Cloud, Confluence Cloud, Jira DC, Confluence DC
False Positive remover for Non-VCS sources
Deliver a model (ML or LLM) for non-VCS sources (e.g., Confluence, Jira, Slack, Teams) with clear performance metrics and an improvement plan for reducing noise in non-VCS incidents.
Analytics overview for Public Monitoring and NHI
Extend the Analytics Overview page with public monitoring and NHI data, giving security teams a unified view of their exposure across all monitoring scopes.
Mitigate rate limits on GitHub check runs
Address GitHub Check Runs rate limit bottlenecks faced by large organizations.
Unhealthy status & transient error management
Improve how the application behaves when source integrations run into errors with users' instances.
Member + team mention in incident notes ("@john")
GitGuardian users struggle with collaboration, so we’re adding a mention (ping) system in incident notes to improve visibility and response while ensuring proper permissions and notifications.
Filter alerts and tickets creation by incident criteria
Define custom rules to control which incidents trigger alerts and tickets. Filter by severity, ML risk score, validity, and secret type to ensure teams only receive notifications for critical security issues, minimizing noise and accelerating triage.
GitHub Check runs on GitGuardian dashboard
Add a dedicated Check Runs page in the dashboard for full visibility into every scan: status, timing, associated commits, linked incidents, and recovery options — directly addressing a top customer pain point.
Gateway API routing for Self-Hosted
Replace legacy NGINX routing to enable standardization and unblock webapp autoscaling.
Remote GitGuardian MCP server for SaaS
Host GitGuardian's MCP server so developers can connect without manual setup, driving adoption of security tooling in AI coding workflows and marketplaces.
Public source - DockerHub - Deterministic attribution
Monitor Docker Hub for secrets linked to your organization - detect exposed credentials where your company's domain appears in the secret value or anywhere in the image content.
Display full insights from the Analyzer or JWT & Base64 detectors
Display everything the Analyzer or the encoded detectors return.
Perimeter Page 2.0: coverage & observability hub
Transform the Monitored Perimeter page into a Coverage & Observability Hub with improved visibility, actionability, and on-demand scan management for daily security operations.
GitGuardian Agent v1
Explore in-app AI agents to assist SecOps with long-running, complex tasks 24/7, reducing manual workload for teams with limited security resources.
Automatic user and team sync with GitHub
Add the option in the dashboard to synchronize users, teams, and team perimeters with GitHub.
AWS S3 secret scanning
Enable secret scanning for AWS S3 buckets, automatically detecting exposed credentials and sensitive data stored in object storage across customer environments
Unified Exclusion Rules for Public & Internal Monitoring
Unify under a single Settings entry Exclusion Rules covering 3 types — Source, File path, Pattern — applicable to Public and Internal Monitoring, with capability differences flagged in the UI.
Threaded notification and direct-to-developer DM in Slack
Enable threaded Slack notifications and direct-to-developer DMs for Internal and Public Monitoring events, keeping incident discussions organized and routing alerts to the right people.
Next
Planned for upcoming development
ggshield authentication at scale
Enable mass ggshield deployment without per-developer authentication, supporting 100+ machines with background scans and a centralized inventory view.
Allow Generic Detectors for non-VCS
Extend non-VCS sources (e.g., Confluence, Jira, Slack, Teams) scanning with support for generic and ML-based detectors, broadening secret detection coverage beyond structured VCS integrations.
Jira Cloud Recurrent Scan
Allow outbound-only connections from GitGuardian Self-Hosted instances
Block GitHub check runs based on incidents criteria
Set flexible rules to control which incidents block pull requests — filter by severity, ML risk score, validity, and secret type to fail checks only for high-risk detections, reducing noise without compromising security.
Perimeter Selection Enhancement
Improve navigation and coverage by providing fine-grained filtering capabilities
VEX Report automation for Self-Hosted releases
Automate CSAF 2.0 VEX report generation for self-hosted releases to provide customers with auditable CVE justifications for all container images
Secret graspers in history
Enable historical scans to run against customer-defined secret graspers, retroactively surfacing secrets leaked before the grasper was created and closing historical coverage blind spots.
ServiceNow ticketing for public monitoring
Extend ServiceNow ticketing to Public Monitoring events, bringing parity with Internal Monitoring and enabling unified incident tracking across all monitoring scopes.
Jira Cloud/Jira DC ticketing for public monitoring
Extend Jira Cloud and Jira DC ticketing to Public Monitoring events, reaching parity with Internal Monitoring for unified issue tracking across all incident types.
Wiz ASPM integration
Integrate GitGuardian with Wiz ASPM to surface secrets and NHI risks within customers' Wiz security context, enriching their application security posture management.
Time-aware historical scans
Make historical scans time-aware, scanning each developer only during their active perimeter period to eliminate irrelevant incidents from before they joined or after they left.
AI/ML Risk score for Self-Hosted
Bring ML-powered risk scoring to self-hosted deployments, enabling customers to prioritize incidents by predicted severity without relying on SaaS cloud connectivity.
Support Public Monitoring on Self-Hosted instances
Health checks for alerting and ticketing
Automatically detect and deactivate misconfigured alerting and ticketing integrations, prevent retry loops, and surface actionable guidance to help users fix broken notifiers fast.
Customer-managed SSL private keys for GG Bridge
The goal is for customers to maintain complete security control by generating and owning their private keys for GGBridge mTLS connections, ensuring sensitive credentials never leave their infrastructure.
Users can use the assistant to query their data with SQL
Let users express incident navigation in plain SQL.
GitGuardian Agent is available for public incidents
Extend the GitGuardian Agent to support public incidents, which are currently out of scope.
Custom source (BYOS) integration improvements
Improve BYOS flexibility with async mode support, custom metadata (e.g. author email), and nested-source management per integration.
PagerDuty alerting for public monitoring
Enable PagerDuty alerting for Public Monitoring events, ensuring on-call teams are notified for all public secret incidents at parity with Internal Monitoring.
Under Consideration
Being evaluated based on feedback
Deliver Workspace Custom Remediation via MCP server
Drive ggshield adoption via GitHub check runs
Block PR merges for developers inactive on ggshield for 30+ days, with automated reminders to drive CLI adoption, close shift-left coverage gaps, and prevent secrets from reaching GitHub.
Smart incident routing
Multi-assignee incidents + ownership resolution: resolve who should remediate (via VCS signals, uploaded data, CMDB/MCP) and assign multiple people or teams in one action.
Remote GitGuardian MCP server for Self-Hosted
Run MCP server within Self-Hosted infrastructure
Historical Scanning planning
Ability to configure and plan historical scanning from API and UI
Implement worker-based feature visibility controls
Hide self-hosted features when their dedicated workers aren't provisioned, expose worker queue observability, and enable worker telemetry.
Custom email templates for incident notifications
Customize the content, branding, and sender of email notifications sent on new secret incidents — so recipients recognize the message as legitimate and understand the remediation steps expected by your organization.
Single Sign-On via OpenID Connect (OIDC)
Add OIDC as a Single Sign-On option for GitGuardian, complementing existing SAML support and giving customers more flexibility to plug into their identity provider of choice.
Resolve and triage incidents from Slack & Microsoft Teams
Triage and resolve GitGuardian incidents from Slack or Microsoft Teams with full two-way sync — meet developers where they already work.
Microsoft Sentinel alerting integration
Stream GitGuardian secret incidents into Microsoft Sentinel for centralized SOC triage and automated response.
Improve filtering & sorting by time dimension
Improve our support for time-based filtering and sorting for incidents and occurrences, including last occurrence and closure dates.
Custom workflow / manager approval
Analytics v4
Bring your own LLM provider: Azure AI Foundry
https://ai.azure.com/
Bring your own LLM provider: GCP Vertex AI
Red team agent (public monitoring first)
From the moment a secret is discovered, the Red Team agent will investigate and report on the potential damage that could arise from that particular secret.
Incident Escalation & SLA
We will add escalation policies to GitGuardian's incident management — configurable per-team SLA timers that automatically elevate stalled incidents through notification tiers (L1 → L2 → manager), with the AI Agent proactively detecting at-risk incidents
Restrict Settings Access for Members
Enforce dashboard settings access restriction for Members and Restricted Users.
GitGuardian Bridge for Self-Hosted Isolated Networks
Enable self-hosted instances to securely connect to resources across isolated networks, removing the need for direct network access or complex firewall rules between environments.
AWS Security Hub integration
This integration would enable Security Hub’s enterprise customers to directly ingest and manage GitGuardian incidents within their AWS security operations.
Developer page
Restore GPUB parity by introducing a developer page, letting users navigate from an incident to a developer's profile, perimeter dates, and GitHub link.
Discord alerting for public monitoring
Enable Discord notifications for Public Monitoring events, reaching alerting parity with Internal Monitoring across all public secret incident types.
Splunk alerting for public monitoring
Enable Splunk alerting for Public Monitoring events, bringing parity with Internal Monitoring and supporting the full event range for public secret incidents.
SARIF format for Incidents API
SARIF (Static Analysis Results Interchange Format) is an OASIS standard JSON format for static analysis tool output. Current version is 2.1.0. It's the de facto lingua franca for AppSec tooling. SARIF standardizes findings so they can flow into code scan
Webex alerting for Internal and Public monitoring
Enables automated notifications to Webex when an internal or a public secret is detected, streamlining incident response.
Native team and permission sync from GitLab
Mirror your GitLab project membership and permissions into GitGuardian teams automatically. Keep team access aligned with GitLab as your source of truth.
GitHub Issues and Pull Requests for incident remediation
Notify developers about secret incidents directly in GitHub by automatically creating Issues or Pull Requests on affected repositories — reaching the right developers in their existing workflow.
Rule-based automatic tagging of incidents/occurrences
Assistant: Help onboard new and infrequent users
Speed up remediation and reduce friction for infrequent GitGuardian users by letting them ask the in-app assistant directly for instant clarification on workflows and confusing concepts like "perimeter" — no videos or static guides needed.
Explain Checker & Analyzer (UI or Assistant surfaces)
Enable GitGuardian Agent to answer "how does it work?" questions about checkers and analyzers, providing clear technical explanations including code, YAML configuration, API call sequences, and decision logic behind secret validity checks.
Agent: Per-tool permission controls
Let users and admins configure per-tool permissions for the GitGuardian Agent, with workspace-level enforcement and role/user override controls.
Enriched analytics for Public Monitoring
Bring Public Monitoring analytics to parity with Internal Monitoring, giving customers trend visibility, coverage metrics, incident distributions, and perimeter activity data.
Public Source - DockerHub - AI-powered attribution
AI-powered Docker Hub monitoring - detect secrets linked to your company beyond explicit domain matching, through intelligent leak attribution
Improve secret matches preview for Non-VCS Sources
Our current preview for secrets uncovered in Other Data Sources is not ideal: word wrap is not supported, markdown is not rendered... This project aims to improve this and provide a better secret matches preview to help our users during incidents
Released
Recently shipped
Health checks through public API
Expose health check status for all integrated sources and destinations via the Public API, enabling customers to programmatically monitor and diagnose their integrations.
Microsoft Teams alerting for public monitoring
Enables automated notifications to Microsoft Teams when a public secret is detected, streamlining incident response. Subsequent alerts for the same incident are threaded under the original notification.
Enhance historical scan UX
Reduce friction and support burden around historical scans: improve status visibility, add scan management API, enforce guardrails (dedup, rate limits, cost warnings), fix cancel reliability, and surface self-hosted configuration issues.
Public source - npm.js
Add npm.js as a public monitoring source to detect secrets leaked in package source code, configuration files, and build artifacts published to the npm registry.
Generate Support Bundle in GitGuardian dashboard
Empower self-hosted users to create support bundles directly from the dashboard, eliminating the need for the Krew plugin manager. This simplifies troubleshooting by allowing quick and direct access to diagnostic data and streamlining support.
Scalable custom perimeters (pagination, search, bulk actions)
Allow custom perimeter to scale with hundreds of thousands of sources, featuring pagination, advanced treeview, search, and bulk actions.
Slack app secret scanning: marketplace-ready integration
Improve the Slack application so that it is accepted on the Marketplace.
AI coding assistant integration (Cursor, Claude hooks)
Integrate GitGuardian secret detection into Cursor and Claude coding hooks, preventing secrets from being introduced during AI-assisted development.
Network Policies in GIM
Address the lack of default NetworkPolicies for traffic enforcement.
Gerrit secret scanning
Support Gerrit VCS as a native integration
Team perimeter for non-VCS sources
Enable fine-grained team perimeter management for non-VCS sources (e.g., Confluence, Jira, Slack, Teams) within GitGuardian Dashboard. This will allow organizations to restrict and delegate access to incidents and integrations from these sources.
NHI Admin / Overprivilege flags
Surface overprivilege flags on non-human identities, helping security teams identify NHIs with excessive permissions and reduce their attack surface.
GitHub Actions Integration
Integration of GitHub as a secret source
MFA with One-Time Password via email
Add an extra layer of protection for accounts that sign in with email and password. After login and before sensitive changes, you enter a one-time code sent to your inbox.
Partial Key matching
Correlate SaaS integration data (OpenAI, Anthropic) with ggscout inventory and incidents using partial key hints (prefix + suffix), improving NHI coverage and secret lifecycle visibility.
Version update alerts for Self-Hosted customers in GitGuardian dashboard
Self-hosted customers need proactive notifications within the GitGuardian dashboard when new versions are available, reducing the manual effort required to stay current with security updates and new features.
Red Hat Quay Integration
Add Red Hat Quay as a supported container registry source, enabling secret detection in images and artifacts stored in customers' Quay instances.
JFrog Artifactory package registry secret scanning
This project aims to add an integration to cover JFrog Artifactory in addition to JFrog Container Registry that we already cover.
Ownership of NHI
Add ownership to NHIs by auto-categorizing owners from integration data and enabling users to manually assign, update, or remove ownership in the dashboard.
Dark mode and refreshed light theme
Update the design system to support dark mode and refresh the light mode color palette, ensuring consistent theming across all UI components and key pages.
For older releases, see SaaS Release Notes or Self-Hosted Release Notes.