Would your team use a tool to detect and redact secrets shared in Confluence pages?

johnsbucket
I'm New Here
July 5, 2025

In many orgs, credentials and secrets (API keys, tokens, passwords) accidentally end up in Confluence pages, comments, or file uploads.

I’m exploring an AI tool that:

  • Scans content and attachments in Confluence for exposed secrets
  • Flags them with a summary (e.g., page, location, type of secret)
  • Suggests a redacted version of the page or attachment
  • Optionally lets you create a Jira issue to track remediation

Would this solve a real pain point for your teams?

Have you ever had to clean up secret leaks in Confluence manually?

Would you want this as a background scanner with notifications, or something more interactive?

Appreciate any thoughts; trying to validate before building.

2 answers

2 votes
fzmuhammad
Contributor
July 5, 2025

This would be super useful. We've had to manually clean secrets from Confluence before, and it's a hassle. Auto-scanning with redaction suggestions and Jira integration sounds ideal. A background scanner with notifications would be the best fit: low friction, high impact. Solves a real problem.

1 vote
Staffan Redelius
Rising Star
July 5, 2025

Hi @johnsbucket and welcome to the Community!

I think this sounds interesting. Are you thinking of building some kind of app doing this?

By your explanation it sounds like at least some of the features are included in the Atlassian Guard Premium subscription. Would your app add additional functionality or similar at a lower price?

https://www.atlassian.com/software/guard/guard-premium

Best regards,
/Staffan

johnsbucket
I'm New Here
July 5, 2025

Yes, I’m currently in the early validation phase, exploring whether this should be built as a Forge app, a Rovo agent, or something standalone with Atlassian API integration.

You’re right, Atlassian Guard Premium does provide secret scanning in Bitbucket (and auditing across the org), but here’s how this tool could go beyond that:

1. Multi-product coverage (not just Bitbucket)

This agent would scan across:

  • Bitbucket commits and PRs
  • Confluence pages, attachments
  • Jira tickets and file uploads

2. Active secret validation

Instead of just regex matching, it would ping the secret (where safe) to check if it’s valid, reducing false positives.

3. Suggested remediation

It wouldn’t just alert — it would:

  • Auto-generate PRs to remove/replace secrets from code
  • Suggest redactions for Confluence pages
  • Create Jira issues to track exposure and clean-up 

4. Human-in-the-loop control

All actions would require manual review so nothing gets auto-applied without confirmation.

The goal is to combine broader coverage, practical remediation, and lightweight pricing — especially for teams not already on Guard Premium, or those who want deeper automation on top of it.

Would love to know: is your team using Guard now, or evaluating alternatives?

Andy Gladstone likes this
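
The scan, summary (page, location, type of secret) and suggested-redaction flow discussed in this thread, sketched as an added example that is not code from any poster or from Atlassian. The two regex rules, the placeholder filter and the sample page are constructed assumptions; the redacted body is only returned for a reviewer and nothing is written back to a page.

```python
import re
from collections import namedtuple

# Illustrative rules (assumptions, not a vendor rule set); group 1 is the secret value.
RULES = [
    ("aws_access_key_id", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
    ("credential_assignment", re.compile(
        r"(?i)\b(?:password|passwd|secret|token|api[_-]?key)\b\s*[:=]\s*[\"']?([^\s\"'<>]{8,})")),
]
# Values that are obviously template placeholders are not reported.
PLACEHOLDER = re.compile(r"(?i)^(?:changeme|x+|\*+|\$\{.*\}|\{\{.*\}\})$")

# line/column are 1-based; start/end are character offsets of the secret value.
Finding = namedtuple("Finding", "page line column kind start end")


def scan_page(title, body):
    """Return findings in page order; of overlapping matches only the first is kept."""
    hits = []
    for kind, rx in RULES:
        for m in rx.finditer(body):
            if PLACEHOLDER.match(m.group(1)):
                continue
            start, end = m.span(1)
            line = body.count("\n", 0, start) + 1
            column = start - body.rfind("\n", 0, start)
            hits.append(Finding(title, line, column, kind, start, end))
    kept, last_end = [], -1
    for f in sorted(hits, key=lambda f: (f.start, -f.end)):
        if f.start >= last_end:
            kept.append(f)
            last_end = f.end
    return kept


def suggest_redaction(body, findings):
    """Build a proposed body for a reviewer to accept or reject; nothing is written back."""
    out, pos = [], 0
    for f in findings:
        out.append(body[pos:f.start] + f"[REDACTED:{f.kind}]")
        pos = f.end
    return "".join(out) + body[pos:]


# Constructed sample page body; the key is AWS's published documentation example.
SAMPLE = (
    "Deploy notes\n"
    "Use key AKIAIOSFODNN7EXAMPLE for the staging bucket.\n"
    "db password = hunter2hunter2\n"
    "api_key: ${API_KEY}\n"
)
```

The findings carry no secret value, only its type and position, so they can go into a notification or a Jira issue without copying the leak a second time.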

DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin Site Admin