• Documentation

What happens when data is redacted?

Guard Detects sends an alert when potentially sensitive data is detected. If you determine that the data is sensitive and should not exist in the page or issue, you can choose to redact it. Redact sensitive data from Confluence or Redact sensitive data from Jira.

Who can do this?
Role: Organization admin, Guard Detect admin
Atlassian Cloud: Atlassian Guard Premium
Atlassian Government Cloud: Not available

When you redact, the sensitive data is deleted and replaced with a solid bar to indicate the place where text was deleted. The length of the bar is not related to the length of the sensitive data and can’t be used to restore the sensitive data.

Diagram showing data detected, alert sent, and the page with data redacted.

You can’t restore redacted data. You can later edit the page or work item to remove the solid bar if you want to.

Where is data redacted?

Sensitive data is detected in and redacted from

  • Confluence page title, page body, and code blocks.

  • Confluence blog post title, blog post body, and code blocks.

  • Jira work item fields, history, comments, and code blocks.

Sensitive data is not detected in or redacted from:

  • whiteboards, live pages, or databases

  • space or project descriptions, sprint names, or other free text areas

  • text added via some third-party apps or macros

  • audit log activities that existed before the redaction

Is data redacted from the history?

Yes. In Confluence data that is redacted from the current version of the page is also redacted from historical versions of the page.

Can I redact selected instances?

Yes. If the page contains more than one instance of the same type of sensitive data you can redact all of them, or only selected instances.

For example, if you have a Confluence page that contains three test credit cards and one real credit card, you can choose to redact all instances, or only redact the real credit card, and leave the others in place.

A new alert will be generated for the remaining sensitive data, and alerts will continue to be generated if someone updates the page in future. To prevent this happening, you could consider excluding the page from that particular content scanning detection.

What does the user see when data is redacted?

The actor will get an email and an in-app notification to let them know that sensitive data was redacted.

When they view or edit the page or work item, they’ll see a solid bar to indicate the place where text was deleted. This experience is the same for anyone who views the page or work item.

Jira task and Confluence page showing a black bar where a bank account number would be

 

Still need help?

The Atlassian Community is here for you.
Ask the Community
On this pageWhere is data redacted?Is data redacted from the history?Can I redact selected instances?What does the user see when data is redacted?
CommunityQuestions, discussions, and articles