Secure your organization with data visibility and classification at scale

Hi Guard community

We have exciting new data loss prevention (DLP) capabilities coming to Atlassian Guard Premium, now available through our early access program (EAP). These capabilities bring together full-site scanning, enhanced out-of-the-box detections, automatic data classification, and reclassification controls to help you discover and classify data at scale.

We understand that the more your organization grows, the more your data sprawls, and the harder it is to track down sensitive information. We built this for admins who are facing challenges manually classifying spaces and gaining visibility into data that has been accumulating in Jira and Confluence over years or even decades.

What’s new?

Guard Premium already helps you protect data through content scanning, data classification, and org-level data security controls (which we’ve recently made easier to configure and manage at scale - learn more here). The new capabilities take that further with expanded sensitive data discovery and automated data classification. Here’s what we’re shipping:

1. Full-site scanning: discover sensitive data across all of your existing Jira and Confluence content for full visibility

2. Enhanced out-of-the-box detections: use our 60 new built-in detections to scan for a wider range of data without setting up custom detections

3. Automatic data classification: automatically classify and protect data consistently and at scale

4. Reclassification controls: control who can classify content and when to maintain classification integrity

Picture this end-to-end workflow:

When you run a full-site scan, Guard will detect a bank routing number that was added to a Confluence page 15 years ago and automatically classify that as Critical. It then enforces the data security policy set for that classification level: block export.

Similarly, if someone tries to enter a bank routing number into a new Jira work item today, Guard will instantly classify it and enforce the block export policy.

This means your sensitive data, whether from 15 years ago or today, is classified and protected based on your data security policy. This all happens without manual intervention, and can be scaled across your Jira and Confluence apps. With this record, you can continue growing on the Atlassian platform with the trust that your data is governed consistently.

Read on to see it in action.

1️⃣ Full-site scanning

Full-site scanning expands on content scanning to cover data at rest, meaning you can run a scan across your Jira and Confluence to detect sensitive data that may have been accumulating over the years. You can choose to scan your whole org, or specific sites. Results are delivered in a detailed CSV with identifiers to help you understand the type of content and locate it. You can then use an API for remediation and redaction of discovered data, supporting compliance and helping you feel more confident to turn on AI.

Please note, the CSV files:

• Do not contain raw detected data.

• Do contain pointers and metadata that let you locate content and remediate it.

Learn more about how to use your scan results here.

---

2️⃣ Enhanced out-of-the-box detections

Along with full-site scanning, we’re expanding our out-of-the-box detections with 60 new detections for more Atlassian customer geographies, as well as commonly used generic token and API key patterns. We’ve also improved the accuracy of our existing detections, so your scans can detect more data types with less overhead for writing, testing, and maintaining custom detections.

See the where you can find the new detections and how to enable them here.

---

3️⃣ Automatic data classification

Next, automatic data classification allows you to configure rules that automatically set classification labels based on content scanning detections. For example, you can map passport numbers to the Critical label. Once the rules are set up, classification happens at the work item- or page-level for both existing and new content in near-real time. That means you can achieve granular, consistent classification across your org, with audit trails maintained for all changes.

See our support page for more information on setting up classification rules.

---

4️⃣ Reclassification controls

Additionally, we are enabling reclassification controls, allowing you to configure minimum classification levels and decide who can reclassify content — whether that's org and space admins only or end users. This ensures that once content is labeled (manually or automatically), that there is governance in place to maintain its integrity and accuracy.

Visit our documentation here to learn more about reclassification controls.

How can I join the early access program?

Already have Guard Premium? These capabilities are available now in Early Access. You can sign up using the link here!

New to Guard? Start a free, 30-day Guard Premium trial, then follow the steps above to test out these DLP capabilities for your organization.

As always, we welcome your feedback and partnership. Please feel free to comment your thoughts or questions. Thank you!

The Guard team