Atlassian Forge App

Protect Your Jira.
Detect Secrets & PII
Automatically.

Secret Scanner monitors every Jira issue and comment in real-time. The moment a credential, API key or personal data is detected, the issue gets labeled, flagged and logged — all inside Atlassian's infrastructure.

Install Free on Marketplace → See Live Demo ↓
No external servers
🇪🇺 GDPR compliant
🔒 SOC2 ready
Zero-config install
Features

Everything you need to keep Jira clean

From real-time scanning to scheduled audits, Secret Scanner handles the full lifecycle of credential exposure.

Real-time Detection

Scans every issue creation, update and comment the moment it happens. No polling, no delay — triggers fire within seconds.

🏷️

Automatic Labels

Applies SECURITY-RISK and PII-EXPOSED labels instantly. When secrets are removed, labels automatically switch to -RESOLVED.

🔍

Historical Scan

Run a full-workspace background scan to find secrets in existing issues. Auto-paginated in batches to stay within Atlassian's execution limits.

📋

Full Audit Log

Every detection is logged with timestamp, issue key, rule name, match count and action taken. Configurable retention up to 1000 events.

⚙️

Custom Rules

Add your own regex patterns to detect company-specific secrets, internal tokens or proprietary formats. Override built-in rules if needed.

📅

Scheduled Scans

Automate periodic scans: every hour, daily, weekly or on a custom N-hour/N-day interval. Configure the start hour for off-peak execution.

How It Works

Up and running in 60 seconds

No servers to configure, no webhooks to set up. Install once and protection is immediate.

1

Install from Marketplace

One-click install from the Atlassian Marketplace. The app connects to your Jira workspace with read/write permissions — no external configuration needed.

2

Automatic Detection

Every issue and comment is scanned the moment it's created or edited. The regex engine checks for 10+ built-in patterns covering AWS keys, GitHub tokens, private keys, credit cards and more.

3

Label, Alert & Log

Found a secret? The issue is labeled, a warning comment is posted for the team, and the detection is added to the audit log. Auto-resolves when the secret is removed.

Live Demo

See Secret Scanner in action

Step through a real detection flow — from a Jira issue with exposed credentials to a labeled, alerted, resolved ticket.

your-company.atlassian.net / jira / DEMO-42
Projects / Demo Project / DEMO-42
DEMO-42 In Progress

Setup AWS infrastructure for production deployment

Description

Configuring AWS production environment for the new ECS cluster. Use the following credentials for initial bootstrap — please rotate after first deploy.

AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
AWS_DEFAULT_REGION=eu-west-1

cc: @devops-team for review

Comments
Status
In Progress
Labels
None
Priority
🔴 High
Assignee
John Doe
Reporter
Jane Smith
Created
Today 14:32
Step 1/4 — A Jira issue is created containing AWS credentials in the description.
Pricing

Free during launch. Full features, zero cost.

The app is completely free while we're in the launch phase. A free tier and a Pro plan will be introduced later — early installers keep all features.

🚀
Launch offer — all features free

Secret Scanner is available at no cost during the launch period. Install now to get full Pro access with no commitment. When paid plans launch, early users will keep their access.

Install Free →

What's coming after launch:

Coming soon
Free
$0/month
Core protection for teams getting started with security hygiene.
  • Real-time detection on all events
  • 10+ built-in detection rules
  • Automatic SECURITY-RISK labels
  • Warning comments on flagged issues
  • Dry-run preview (5 findings)
  • False positive marking
  • Historical background scan
  • Scheduled automatic scans
  • Custom regex rules
  • Full audit log
Coming soon
Coming soon
Pro
via Marketplace
The full power of Secret Scanner for teams that need complete coverage.
  • Everything in Free
  • Historical background scan (full workspace)
  • Scheduled scans (hourly / daily / weekly / custom)
  • Custom regex detection rules
  • Audit log up to 1000 events
  • Label Sync Check
  • Auto-resolve when secrets removed
  • Reset All Data (progressive)
  • Scan custom Jira text fields
  • Priority email support
Coming soon
🇪🇺
GDPR Compliant
🔐
SOC2 Ready
Built on Atlassian Forge
🚫
No External Servers
🔑
Secrets Never Stored