Protect sensitive data without slowing your teams down

Your teams want to collaborate openly in Jira and Confluence. Your security and IT teams need to prevent data sprawl, exfiltration, and insider threats.

Locking everything down kills velocity. Leaving everything open introduces serious risk. Atlassian Guard Premium helps you do both.

What is Guard Premium?

Guard Premium is an advanced security and governance layer for Atlassian Cloud. While Guard Standard covers the fundamentals (SSO, SCIM, MFA, mobile policies, and admin-level audit logs), Guard Premium adds data protection, threat detection, and incident response across Jira, Confluence, and other supported products.

Guard Premium is built around three pillars: Protect, Detect, and Respond, with additional capabilities that span across them:

Protect data classification and policy-based controls

• Define sensitivity levels (such as Public, Internal, Confidential, and Restricted) and apply classification labels across Confluence pages and Jira issues.

• Create data security policies tied to classification levels. For example, block exports on "Restricted" content, prevent public sharing of classified pages, or block attachment downloads.

• Set an org-wide default classification level, then create exceptions where needed.

• Classification works consistently across your Atlassian organization.

📖  What is data classification? | Atlassian Support
       What is a data security policy? | Atlassian Support

Detect threat detection and content scanning

• Content scanning alerts you when potentially sensitive data is added to Confluence pages, blogs, live pages, comments, and Jira issues — covering financial data (credit card and bank account numbers, crypto addresses), credentials (API tokens, private keys), identity data (US Social Security numbers), and custom terms you define.

• User activity detection monitors five categories across Jira, Confluence, Bitbucket, and Atlassian Administration: data exfiltration events, unusual user activity, authorization and access events, app configuration changes, and integration changes.

• Enhanced audit logs give you user-level activity tracking, API token monitoring, and webhook support — going well beyond the admin-level logs in Guard Standard.

• Detections generate alerts with full context: who triggered it, what content was involved, and recommended next steps.

📖 What is Guard Detect? | Atlassian Support  
     What user activity is detected? | Atlassian Support

Respond investigation and remediation

• A central alert dashboard gives you one place to see all detections. Each alert includes detailed actor profiles showing roles, app access, session and device info, location, and a searchable activity timeline.

• Alerts include guided investigation steps and quick remediation options: suspend users, revoke tokens, adjust policies, or redact sensitive content directly.

• Set up automated response actions so your team can contain threats without manual intervention.

• Create Jira or JSM incidents directly from alerts to hand off to your security team for deeper investigation.

• Stream alerts to Slack, Microsoft Teams, Splunk, Jira, JSM, Opsgenie, or any tool via webhooks — so your security team can work where they already are.

📖 Investigate and remediate an alert | Atlassian Support
      Send alerts to your own tools | Atlassian Support

🎥 Join our upcoming webinar

Want to see this in action? We're hosting a live session walking through Guard Premium capabilities with a product demo

Un-compromised collaboration: frictionless security for your Atlassian stack

• Date: May 27, 2025

• Time: 2:00 p.m. to 3:00 p.m. CEST

                                               Register here

Can't make it live? Register anyway. The recording will be shared with all registrants after the session, along with other documentation and guides.

BIG KUDOS to @Pablo Bastos for building the content behind this session.