GitGuardian Now Flags Overprivileged and Admin Secrets Across AWS, Entra, and Okta Identities
GitGuardian NHI Governance will now automatically flag machine identities that carry admin access and have more privileges than they actually use.
GitGuardian NHI Governance has already been able to surface policy breaches for long-lived secrets, duplicated secrets, and, of course, secrets that have been leaked publicly or internally.
Now, you can immediately see which Non-Human Identities hold admin rights across AWS, Microsoft Entra, and Okta. That includes roles such as AWS AdministratorAccess, Entra Global Administrator, and Okta Super Admin. Those identities are now clearly marked in the inventory, so the highest-risk access stands out right away.
GitGuardian has now added an "Overprivileged Identity" policy that flags NHIs with permissions broader than they need to get their work done, helping teams push machine identities back toward least privilege.
We have also updated risk scoring for these highly privileged NHIs.
GitGuardian now automatically raises the severity by a level, up to critical. So if a leaked secret belongs to an admin identity, it gets treated as the high-impact problem it really is.
Read more at:
https://docs.gitguardian.com/releases/saas/2026/04/16/changelog