Bedrock knows that enterprises use internal collaboration tools to store and share some of their most sensitive corporate data. That’s why we now support Atlassian Confluence as a native data source, extending Data Security Posture Management (DSPM) capabilities to unstructured collaboration environments. This integration enables the automated discovery of Confluence Spaces and provides granular visibility into access patterns and sensitive data residence across Folders, Pages, Live Pages, and Blogs.

Mechanism and Access Logic Upon configuration, Bedrock enumerates the Confluence hierarchy to map the relationship between content objects and identities. The system analyzes permissions at the object level and resolves complex inheritance structures, accounting for access granted via parent objects and broad space-level restrictions. This allows security teams to determine effective permissions, validating which users and groups utilize specific access paths to reach content.

Sensitive Data Scanning Concurrent with access mapping, Bedrock scans the text content within Pages and Blogs for sensitive information. By leveraging the platform’s AI-Driven Categorization, the system identifies PII, secrets, and intellectual property embedded in unstructured text. All discovered metadata and classification tags are indexed in the Metadata Lake, enabling operators to query Confluence risk alongside other data estates via the Bedrock Console or Graph API.

Security Configuration The integration adheres to a least-privilege security model. Scanning operations require only a read-only, fine-grained Atlassian access token, ensuring the discovery process does not introduce write permissions or excessive privileges into the target environment.