Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
Add people to Beacon
Beacon will soon be part of Atlassian Guard. Read the blog
As an organization admin, you can add people who are not organization admins to Beacon beta (soon to be Guard Detect) by granting them the Product admin role.
The User role is not currently in operation and does not grant access to anything.
Who can do this? |
Grant the product admin role to a user
The process for granting access is the same as granting admin permissions for other products in your organization. Give users admin permissions
To grant the product admin role:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Directory > Users.
Select a user.
Select Grant access and follow the prompts to grant the Product Admin role for Beacon beta (soon to be Guard Detect).
This will add the user to the beacon-admins group.
Add a user to the admin group
You can also grant access by adding people to the beacon-admins group.
This method is useful if you need to add a lot of people or want to automatically add certain people when provisioning users from your identity provider. Understand default groups and permissions for each product
The beacon-users group is not currently in operation, and we don’t recommend using custom groups with Beacon beta (soon to be Guard Detect) at this time.
What information will a Beacon admin see?
In order to investigate an alert, we make certain data available so your team can act quickly. There are two places a Beacon beta (soon to be Guard Detect) admin can access data about the actor or subject:
in an alert
in the actor profile
We only surface information that is relevant to the investigation, such as:
Atlassian administration audit log events for that actor
Jira and Confluence product audit log events for that actor
User profile information including job title, product role, location.
User session information including IP address, login location, device operating system.
Certain activity data such as terms entered in the search field that match our list of suspicious search terms (they don’t see the full text of the actor’s search query)
Confluence space and page titles specifically related to the alert, regardless of whether the user has permission to see those spaces and pages. They won’t be able to see page or space content, just the title.
Jira project titles specifically related to the alert, regardless of whether the user has permission to see those projects. They won’t be able to see project content, just the title.
Granting the product admin role for Beacon beta (soon to be Guard Detect) does not grant the person access to Atlassian administration features at admin.atlassian.com, or the ability to administer other products, or view content they otherwise have no permissions to see.
What remediation actions can a Beacon admin take?
The remediation actions that a Beacon admin can do will depend on their other product permissions.
For example, they can’t suspend an actor or perform any action that requires the organization admin or product admin role unless they hold that role.
Was this helpful?