Atlassian Guard Premium is generally available! Read the blog →
Free for 30 days
Compare features
Standard | Premium | |
Protect against data loss proactively | ||
Feature | Standard | Premium |
Enforced single sign-on (SSO) ? | Standard ✓ | Premium ✓ |
SCIM automated user provisioning ? | Standard ✓ | Premium ✓ |
Authentication policies ? | Standard ✓ | Premium ✓ |
External user security ? | Standard ✓ | Premium ✓ |
Enforced two-step verification ? | Standard ✓ | Premium ✓ |
Mobile app management (MAM) ? | Standard ✓ | Premium ✓ |
API token controls ? | Standard ✓ | Premium ✓ |
Data security policies ? | Standard ✓ | Premium ✓ |
Data classification ? | Standard - | Premium ✓ |
Enforce data security policies by classification ? | Standard - | Premium ✓ |
Detect and investigate suspicious activity | ||
Feature | Standard | Premium |
Automatic product discovery ? | Standard ✓ | Premium ✓ |
Organization insights ? | Standard ✓ | Premium ✓ |
Organization audit log: Admin activity ? | Standard ✓ | Premium ✓ |
Comprehensive organization audit log: User activity, API tokens, Webhooks ? | Standard - | Premium ✓ |
Anomalous activity detections ? | Standard - | Premium ✓ |
Content scanning ? | Standard - | Premium ✓ |
SIEM integrations ? | Standard - | Premium ✓ |
Alert messaging integrations ? | Standard - | Premium ✓ |
Respond to threats before they become incidents | ||
Feature | Standard | Premium |
Alert investigations ? | Standard - | Premium ✓ |
Actor profiles ? | Standard - | Premium ✓ |
Remediation recommendations ? | Standard - | Premium ✓ |
Remediation workflows ? | Standard - | Premium ✓ |
Alert hand-off ? | Standard - | Premium ✓ |
See Atlassian Guard in action
Get more details
Since Atlassian Guard is an organization-wide cloud subscription, you must be a site administrator to sign up for a trial. Follow these steps to get started with your Atlassian Guard Standard evaluation:
Trials for Atlassian Guard Premium will be available at GA, and instructions will be added here at that time. Subscribe to our roadmap to track our progress. |
To help administrators manage multiple Atlassian cloud products and sites centrally, we created a global administration layer called organizations. Through your organization, you can begin managing every user in your company who has access to an Atlassian cloud product and a specific domain or domains in their Atlassian account email address (for example, jane@yourcompany.com). When you’ve verified your domain and your organization directory is populated, you can then apply Atlassian Guard security policies across the users in your organization. |
Atlassian Guard is specifically for Atlassian cloud products while Crowd is for our Data Center products. If your organization has both Atlassian cloud and Data Center products, use Crowd for user management and SSO across Data Center products and use Atlassian Guard to control users and security for cloud products. |
Atlassian Guard Standard allows you to centrally enforce security policies across managed cloud users of Jira, Jira Service Management, Confluence, Bitbucket, Trello, and Statuspage at your organization. Atlassian Guard Premium currently supports Jira and Confluence Cloud. |
We’ll only bill you for unique users (in Jira Service Management, paid users are called “agents”) that are licensed on Jira Service Management. Users who only create requests with a Jira Service Management portal aren’t licensed (also called “portal-only accounts”), so you won’t be charged for them. Learn more about pricing and licensing. |
Atlassian Guard gives an organization centralized control and increased security across multiple Atlassian cloud products and easily be added to your existing Atlassian Cloud Standard or Premium subscriptions. Or get started quickly with our Cloud Enterprise plan, which includes Atlassian Guard Standard at no additional cost. Protect your most critical work and enable secure collaboration with Atlassian Guard Standard and the advanced security controls in Cloud Enterprise. For organizations with the highest level of security requirements, adding Atlassian Guard Premium on top of your Cloud Enterprise plan provides end-to-end visibility, control, and defense against threats to your Atlassian cloud products. With Atlassian Guard, you’ll get a comprehensive solution that allows you to scale and secure the Atlassian cloud content and users across your entire organization. |
Users who have signed up for free accounts count toward your Atlassian Guard bill as billable users. This includes the free versions of Jira, Jira Service Management, Confluence, Bitbucket, or Trello on a domain governed by Atlassian Guard. |
Using the multiple authentication policies feature in Atlassian Guard, you can create a non-billable policy and add managed users to it. These managed user accounts will be excluded from your Atlassian Guard subscription and won’t be billed or secured by its features. |
Enforced single sign-on (SSO)
Enforce single sign-on (SSO) for all managed users to allow them to authenticate to Atlassian cloud products through a company's existing identity provider.
SCIM automated user provisioning
Automate user lifecycle management with SCIM provisioning and de-provisioning. Access to Atlassian cloud products will be defined by rules set in your external directory.
Authentication policies
Admins can set authentication policies to manage session duration, single sign-on (SSO), password policies, and two-step verification. Multiple policies can be created and applied to different subsets of managed accounts.
External user security
An external user policy allows you to apply security settings, including two-step verification, to external users. The settings apply to all the external users in your Atlassian organization.
Mobile app management (MAM)
Create and manage security policies that can be applied to both managed and unmanaged users with mobile app management (MAM). Policies can be set at the organization level, or designated for select users to provide additional security controls such as screenshot disabling, data export restrictions and device encryption requirements
API token controls
Admins have greater visibility and control over API token management and its lifecycle. This includes controlling which users can create an API token to access data and viewing which users are creating and revoking API tokens.
Data security policies
A data security policy helps you keep your organization’s data secure. Create policies to govern how users, apps, and people outside of your organization can interact with content such as Confluence pages and Jira issues.
Data classification
Data classification allows admins to define their data governance approach and label critical data accordingly within Atlassian products. Admins can set data security policies and rules to control user interaction based on data classification level.
Enforce data security policies by classification
Use data classification levels as a coverage in your data security policy. Create policies to govern how users, apps, and people outside of your organization can interact with content such as Confluence pages and Jira issues.
Use data classification to set additional rules within your data security policy, including: "Block Export" rule in Confluence and Jira, “Anonymous Access” rule in Jira, and “Block Public Links” rule in Confluence using classification.
Automatic product discovery
Gain visibility into shadow IT by discovering when managed users in your organization create instances across Atlassian cloud products. Automatic product discovery identifies the product administrator and how many users are using these products.
Organization insights
Admins can achieve better visibility into the usage of their Atlassian products and make more data-driven decisions when it comes to increasing adoption or optimizing their products' ROI.
Organization audit log: Admin activity
A centralized log of admin activity across your Atlassian cloud organization. Gain a full view of the who, what, and when of admin activity to help track and identify any suspicious behavior. Using APIs, integrate with your third party tools, such as a CASB.
Comprehensive organization audit log: User activity, API tokens, Webhooks
A comprehensive log of org admin, product admin, and user activity that takes place in the Atlassian cloud organization. This provides organization admins with visibility into activities like which managed users have created an API token or what organizational resources are being accessed by managed and external users via API tokens. Audit log webhooks are customized HTTP callbacks that trigger in response to audit log events.
Anomalous activity detections
Anomalous activity detections provide intelligent oversight across your Atlassian cloud products by analyzing user activity and notifying you of potential risks. These queries search activity logs and alert you to any potentially concerning activity that requires review.
Content scanning
Content scanning detection rules monitor for critical data being added to Confluence pages. These detections generate alerts for any potentially concerning content that requires review.
SIEM integrations
Using webhooks, send alerts about anomalous activity to any destination, including your organization-wide SIEM or an automation tool like Jira Automation, Zapier, or Workato.
Alert messaging integrations
Integrate alert messages to your organization-wide tools like Slack, Microsoft Teams, and more.
Alert investigations
Alert investigations gives admins or security teams a consolidated view of potentially risky activity. Investigate the alert with details on what happened, which account was involved, other recent alerts tied to this account, and remediation options.
Actor profiles
Access detailed user data by clicking into an actor profile directly from an alert to see a consolidated view of a user’s activity. On a single page, you can see a user’s role, location, recent activity, and a full list of their audit log alerts.
Remediation workflows
If suspicious behavior is detected, an organization admin can take action using the remediation recommendation to follow the suggested workflow and address a threat. Admins have the ability to immediately suspend a user's account directly from the alert dashboard.
Remediation recommendations
Respond to alerts faster with the ability to suspend a user’s account directly from the alert dashboard. Based on the actions logged in the dashboard, remediation options are recommended with actionable next steps.
Alert hand-off
Connect an alert to Jira through the create issue button.
Questions about Atlassian Guard billing?
Visit our billing and licensing page for details.
Enforced two-step verification
Enforced two-step verification can be applied as part of an authentication policy. This requires the users in an organization to turn on two-step verification in order to log in and access their Atlassian cloud products.