Security Analysis: Viewing scan results for a space
The Security Analysis for a given space allows administrators to view and handle scan findings for the space.
Only space administrators and Confluence administrators can access a space’s Security Analysis.
There are two ways to reach a space’s Security Analysis. First, you can reach it from the Soteri Dashboard, by clicking the name of the space:
Or, while viewing the space in Confluence, you can click the Security Analysis link in the side panel:
The space’s scan status and all findings in the space will be displayed.
You can select a page in the dropdown list to get the scan status and findings just for that page.
Above, we see a single findings. For each of them, the specific text that matched the listed rule’s regex is highlighted. Specifically, this is the group 0 match: what the entire expression captured. For more information, see the Java 8 Regular Expression documentation.
Scan warnings
The Security Analysis will warn you if a previous scan is stale or outdated.
Stale scan
If content in a previously scanned space is added, removed, or updated, and automatic scanning is disabled, then the Security Analysis will indicate that the space’s scan results are stale, and the space should be re-scanned.
Outdated scan
Additionally, if a space is scanned, but a global detection rule is later toggled, then the Security Analysis will indicate that the space scan results are outdated.
This warning also appears for each page where global rules have changed since its last scan.