By default, Security for Confluence will automatically scan newly created spaces and imported spaces. Also, for existing spaces which have been scanned at least once, Security for Confluence will automatically scan new and updated content.
However, if an existing space has not been scanned, Security for Confluence will not automatically scan new and updated content for it. This gives administrators more control over the available computing resources, preventing a potentially large scan from running unexpectedly.
If a space is copied by way of a third-party app, Security for Confluence is not guaranteed to completely scan the copy. Administrators are strongly encouraged to manually scan the copied space at least once.
The automatic scanning status of a given space can be seen in its Security Analysis.
Only Confluence administrators and any user granted explicit app access have access to these settings.
If “Keep space scans up-to-date” is disabled, no audit log event will be published when users publish pages or blog posts containing new findings.
If auto-scanning is changed, reloading the Security Analysis for a space will reflect the change.
When auto-scanning is enabled, Security for Confluence can also notify content authors when they publish potentially sensitive information automatically. See Email notifications for content authors for more details.