What is a content scan?

To give you full visibility into where sensitive data exists, you can scan Jira and Confluence data at rest in your organization. You can use the results from the scan to either redact the data or assign people in the organization to take appropriate action.

If you’re already using Guard Detect, you likely have certain detections enabled for content in Jira and Confluence. When the detection criteria is met, alerts are generated for newly created or updated data. See What sensitive data is detected? for what is and isn’t scanned. You may have also adjusted your alert settings, or switched off some detection types. These configurations don’t apply when you perform a content scan on your data at rest.

When you start a content scan, it checks for all detections, regardless of your Guard Detect configuration. It provides a thorough set of results for all detections.

If you want to include any additional detections — for example, a particular RegEx pattern — make sure you create a custom detection and tested it before you start a scan.

Security considerations

The results of the content scan are stored in a zipped CSV file for each of your Jira and Confluence apps, available from within Guard Detect. Atlassian can’t see your data in the CSV file. Atlassian can only see evidence of whether the scan worked.

The zipped CSV file doesn’t contain any potentially vulnerable data, but it does contain details of where to find that data. Make sure you store the files somewhere safe.

Your data scan is a snapshot in time, so you will still need to rely on real time scanning when content changes or is added. What sensitive data is detected?

Navigate the dashboard

The Content scan page of Guard Detect displays a dashboard to help you monitor and manage your content scans. If you haven’t performed any content scans, your history will be empty.

The scan history displays information about each content scan, as well as options to manage each scan.