GitGuardian Q2 2025 Recap

Read the full article here: https://blog.gitguardian.com/q2-2025-recap-gitguardian-sharpens-the-edge-on-secrets-security-and-agentic-ai-protection/?source=nhimg

This quarter, we at GitGuardian doubled down on our mission to secure the real environments where development happens—from Microsoft Teams chats to AI IDEs, from public GitHub repos to your Jira backlog. It’s no longer enough to protect the codebase. In Q2, we redefined what the modern secrets perimeter looks like—and gave you the tools to defend it.

Let’s take a look at what we shipped.

Full Visibility, Zero Blind Spots

• Microsoft 365 Ecosystem Coverage - Secrets now hide in more places than just code. That’s why we added detection across Microsoft Teams, SharePoint, and OneDrive—so you can uncover exposed credentials in chat threads, shared docs, and cloud drives before attackers do
• Historical Scanning for Atlassian - Secrets leaked months (or years) ago can still hurt you. Our retrospective detection now includes Confluence and Jira Data Center, joining existing support for Confluence/Jira Cloud. No more blind spots in your collaboration stack

Public Monitoring, Now Built In

Secrets don’t just leak internally. With Public Monitoring now integrated into the GitGuardian platform, you get unified visibility into secrets exposed on public GitHub—including in personal repos.

That means:

• One dashboard

• One workflow

• One place to correlate internal and external exposure

Your security team can now trace the blast radius of any leaked secret—whether it lives in a CI pipeline, a vault, or a developer’s GitHub repo.

Agentic AI Security: Meet the MCP Server

We’re proud to launch the GitGuardian MCP Server, purpose-built for AI-powered IDEs like Cursor and Windsurf.

Now, AI agents writing code in real-time can:

• Scan for secrets on the fly

• Generate honeytokens

• React to incidents securely inside the IDE

We designed it to be read-only, namespace-safe, and developer-friendly, giving AI agents guardrails without slowing them down.

Identity Governance with SCIM Automation

Security teams asked, we delivered. Our new SCIM integration supports automatic provisioning and deprovisioning via Okta or Microsoft Entra ID.

• Add a user in your IdP → They appear in GitGuardian, ready to triage.

• Remove them → Access revoked instantly.

This closes the loop between your identity layer and your secrets detection program, all without manual work.

Enhanced Detection. Smarter Coverage.

• 30+ new detectors

• 50+ updated

• Including Perplexity AI, Anthropic, Artifactory, GitLab, and Kubernetes enhancements

We recommend re-scanning your environments to benefit from the improved accuracy and expanded threat coverage.

One Platform. Every Surface.

From chat logs to LLM agents, from public GitHub leaks to forgotten SharePoint links—we’re securing the entire lifecycle of your secrets. No matter where they live, or who leaked them, GitGuardian is the unified detection and response platform for modern development security.