Scanning Content for Sensitive Information
Content for a given space can be scanned by selecting the space or a specific page to scan.
Only space administrators and Confluence administrators can access the space’s Security Scan page.
If you are not a Confluence administrator, you need Space administration permissions to view and trigger security scans. Navigate to the space you want to scan, then open the Soteri Security Scans tab.
The space’s scan status and all findings in the space will be displayed. You can select a page in the dropdown list to get the scan status and findings just for that page.
Above, we see two findings. For each of them, the specific text that matched the listed rule’s regex is highlighted. Specifically, this is the group 0 match – what the entire expression captured. For more information, see the Java 8 Regular Expression documentation.
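To show what the group 0 highlight means when writing a rule, the following added example (not Soteri's code; the rule names, patterns and page text are constructed for illustration) runs three Java regexes over a sample page and prints group 0 next to any capture groups. The first rule's group 0 includes the `password=` prefix, while the lookbehind variant's group 0 is only the secret value.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class GroupZeroDemo {
    public static void main(String[] args) {
        // Constructed page text; the credentials are made-up sample values.
        String page = "Deploy notes\n"
                + "db password=Tr0ub4dor&3 (rotate soon)\n"
                + "aws key: AKIAABCDEFGHIJKLMNOP\n";

        // Hypothetical rules written for this example, not the app's built-in rules.
        Map<String, Pattern> rules = new LinkedHashMap<>();
        // Capture group 1 isolates the value, but group 0 still spans "password=...".
        rules.put("password-with-capture", Pattern.compile("(?i)password=(\\S+)"));
        // A lookbehind keeps the prefix out of the match, so group 0 is the value only.
        rules.put("password-lookbehind", Pattern.compile("(?i)(?<=password=)\\S+"));
        // No groups at all: group 0 is the only thing there is to report.
        rules.put("aws-access-key-id", Pattern.compile("\\bAKIA[0-9A-Z]{16}\\b"));

        for (Map.Entry<String, Pattern> rule : rules.entrySet()) {
            Matcher m = rule.getValue().matcher(page);
            while (m.find()) {
                // group(0) is the text matched by the entire expression;
                // start()/end() give the span a scanner would highlight.
                System.out.printf("%-22s [%d,%d) group0=\"%s\"",
                        rule.getKey(), m.start(), m.end(), m.group(0));
                // Numbered capture groups, if any, are subsets of group 0.
                for (int g = 1; g <= m.groupCount(); g++) {
                    System.out.printf(" group%d=\"%s\"", g, m.group(g));
                }
                System.out.println();
            }
        }
    }
}
```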
What content is scanned?
Content | Scanned |
---|---|
Page body | |
Blog posts | |
Attachments | |
Comments (including inline) | |
Drafts | |
Stale and outdated scans
If a page body or blog post in a space is added, removed, or changed after the space was scanned, the Scan Report indicates that the space scan results are stale and that the space should be re-scanned.
Additionally, if a global detection rule is toggled after a space was scanned, the Scan Report indicates that the space scan results are outdated and that the space should be re-scanned.
This warning also appears for each page where the enabled global rules have changed since its last scan.