Getting Started
Installing from Atlassian Marketplace
- Go to marketplace.atlassian.com and search for “Aegis Compliance Suite”.
- Click Get it now (or Try it free for a trial).
- Select your Confluence Cloud site from the dropdown.
- Click Install and accept the required permissions.
- Once installation is complete, navigate to your Confluence Cloud site.
- Open any Confluence page; you will see the Aegis exposure score byline beneath the page title.
- Access the main dashboard via the Confluence top navigation: Apps → Aegis Compliance Suite.
Note: The user who installs the app is automatically assigned the Admin role.
First-Time Setup Checklist
Follow these steps in order to configure Aegis properly for your organization. Steps 1–3 are essential for basic operation; step 4 sets up alert rules.
Step 1: Assign Roles to Your Team
By default, all users except the initial Admin are assigned the Viewer role and cannot create or edit anything. You must assign Analyst, Approver, or Admin roles before team members can take action.
- Open Confluence Settings → Aegis Compliance Suite Settings.
- Click the Permissions tab.
- In the search box, type at least 2 characters of a team member’s display name.
- Select the user from the results dropdown.
- Choose the appropriate role from the Role dropdown (Viewer, Analyst, Approver, or Admin).
- Click Save.
- Repeat for each team member.

Step 2: Configure Content Detectors
Aegis ships with 200+ pre-built regex detectors sourced from the gitleaks ruleset. Only 4 are enabled by default (AWS Access Key, Credit Card, SSN, Private Key). Before running your first scan, review which detectors match your organization’s risk profile.
- Open Confluence Settings → Aegis Compliance Suite Settings.
- Click the Detectors tab.
- Browse the accordion groups by category (Cloud Platforms, Source Control & CI/CD, Communication, AI & ML, and more).
- Toggle individual detectors on or off by clicking the toggle next to each one.
- Optionally, scroll to the bottom of the Detectors tab to add a Custom Detector: provide a name, regex pattern, severity, and category.
- Click Save after any changes.
Note: Generic patterns like `generic-api-key`, `generic-secret`, and `password-in-text` are intentionally off by default to reduce false-positive noise. Enable them only if your environment uses consistent naming conventions that these patterns can match reliably.
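One way to judge a pattern before enabling it or saving it as a Custom Detector is to dry-run it against labelled sample lines and count false positives. This is an added example, not Aegis code: both detector definitions, the `dryRun` helper, and the sample lines are constructed, and the generic pattern is not the shipped rule.

```javascript
// Dry-run a detector regex against labelled sample lines before enabling it.
// All detector definitions and samples below are constructed for illustration.
const specific = {
  name: 'acme-deploy-token',            // hypothetical internal token format
  pattern: 'ACME-[A-Z0-9]{16}\\b',
  severity: 'high',
  category: 'Custom',
};
const generic = {
  name: 'password-like-text',           // constructed; NOT the shipped rule
  pattern: '[Pp]assword\\s*[:=]?\\s*\\S+',
  severity: 'medium',
  category: 'Custom',
};

// secret=true marks lines that really contain a credential.
const samples = [
  { text: 'deploy token: ACME-9F3K2L8QW1ZX7B5C', secret: true },
  { text: 'password = hunter2-staging', secret: true },
  { text: 'Reset your password regularly.', secret: false },
  { text: 'The password policy requires 12 characters.', secret: false },
  { text: 'Ticket ACME-1234 tracks the rollout.', secret: false },
];

function dryRun(detector, lines) {
  let re;
  try {
    re = new RegExp(detector.pattern);
  } catch (err) {
    // An invalid pattern should be caught here, not after it is saved.
    return { valid: false, error: err.message };
  }
  const hits = lines.filter((l) => re.test(l.text));
  const truePositives = hits.filter((l) => l.secret).length;
  return {
    valid: true,
    hits: hits.length,
    truePositives,
    falsePositives: hits.length - truePositives,
  };
}

console.log(specific.name, dryRun(specific, samples));
console.log(generic.name, dryRun(generic, samples));
```

On these samples the anchored token pattern flags only the real token, while the generic pattern also flags two ordinary sentences that mention passwords.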
Step 3: Run Your First Content Scan
- Navigate to the main dashboard: Apps → Aegis Compliance Suite.
- Click the Scanning tab.
- In the toolbar at the top, select Full scan from the scan type dropdown.
- Click Start Scan.
- Watch the progress strip; it shows Spaces Completed, Pages Scanned, and Findings Created in real time.
- When the scan completes, the status bar shows “Scan complete” with a checkmark.
- Click the Findings tab to review all findings detected by the scanner.
Warning: Scans are always manually triggered. There is no scheduled automatic content scan; this is an intentional design decision to give your team full control over when scanning occurs. The hourly permission scan (for exposure scoring) runs automatically; only the content scan requires manual initiation.
Step 4: Set Up Alert Rules
Alert rules notify your team when important events occur.
- Navigate to Apps → Aegis Compliance Suite.
- Click the Alerts tab.
- Click Add Rule.
- Select a trigger type (e.g., “New Critical Finding”, “SLA Breach”, “Score Increase”).
- Set any threshold, scope, and debounce window settings for the rule.
- Click Save Rule.
You should create at minimum:
- A rule for `critical_finding` (fires when any critical finding is created).
- A rule for `sla_breach` (fires when a case’s deadline is breached).

Accessing the App
| Entry Point | Navigation Path |
|---|---|
| Main Dashboard | Confluence top nav → Apps → Aegis Compliance Suite |
| Admin Settings | Confluence gear icon → Settings → Aegis Compliance Suite Settings |
| From a page byline | Click the exposure score badge on any Confluence page → opens the byline panel |
| Report a finding | Click “…” on any Confluence page → “Report Security Finding” |
The dashboard opens to the tab you were last viewing (your tab position is saved in browser session storage and restored across page refreshes within the same browser session).
Role Permission Matrix
Aegis uses a four-tier hierarchical role model. Higher roles inherit all permissions of lower roles.
| Permission | Viewer | Analyst | Approver | Admin |
|---|---|---|---|---|
| View findings, cases, audit logs | Yes | Yes | Yes | Yes |
| View exposure scores and access summaries | Yes | Yes | Yes | Yes |
| View alert rules and notification history | Yes | Yes | Yes | Yes |
| Create and edit findings | No | Yes | Yes | Yes |
| Import findings via CSV | No | Yes | Yes | Yes |
| Create and update cases | No | Yes | Yes | Yes |
| Assign cases to users | No | Yes | Yes | Yes |
| Change finding / case status | No | Yes | Yes | Yes |
| Create risk exception requests | No | Yes | Yes | Yes |
| Expand group members in Access Explorer | No | Yes | Yes | Yes |
| Acknowledge alerts | No | Yes | Yes | Yes |
| Create Jira tickets from findings/cases | No | Yes | Yes | Yes |
| Approve risk exceptions | No | No | Yes | Yes |
| Revoke exceptions | No | No | No | Yes |
| Assign roles to users | No | No | No | Yes |
| Configure detectors, alert rules, SLA policy | No | No | No | Yes |
| Configure notification channels | No | No | No | Yes |
| Configure Jira integration | No | No | No | Yes |
| Configure retention policy | No | No | No | Yes |
| Run retention purge manually | No | No | No | Yes |
| Rebuild entity count cache | No | No | No | Yes |
| Trigger content scan | No | No | No | Yes |
Note: Role checks are enforced server-side on every resolver call. It is not possible to bypass role restrictions by modifying the frontend.
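The hierarchical model and the server-side check described above can be sketched as follows. This is an added example, not Aegis's own code: the role names come from the matrix, while the action keys, the `roleStore` data, and the `guarded` wrapper are hypothetical.

```javascript
// Role names are from the matrix above; everything else is hypothetical.
const ROLE_RANK = { Viewer: 0, Analyst: 1, Approver: 2, Admin: 3 };

// Minimum role per action, transcribed from a few rows of the matrix.
// The action keys are made-up identifiers for this example.
const MIN_ROLE = {
  viewFindings: 'Viewer',
  createFinding: 'Analyst',
  approveException: 'Approver',
  revokeException: 'Admin',
  triggerContentScan: 'Admin',
};

// Server-side role store keyed by account id (constructed sample data).
const roleStore = new Map([
  ['acct-alice', 'Analyst'],
  ['acct-bob', 'Approver'],
  ['acct-root', 'Admin'],
]);

function roleOf(accountId) {
  // Users without an explicit assignment are Viewers, as the page states.
  return roleStore.get(accountId) ?? 'Viewer';
}

function isAllowed(accountId, action) {
  const min = MIN_ROLE[action];
  if (min === undefined) return false; // unknown action: deny by default
  // Higher roles inherit lower ones, so a rank comparison is enough.
  return ROLE_RANK[roleOf(accountId)] >= ROLE_RANK[min];
}

// Wrap a handler so the check runs on every call. The role is read from the
// server-side store; any role supplied in the request payload is ignored.
function guarded(action, handler) {
  return (request) => {
    const accountId = request.context.accountId;
    if (!isAllowed(accountId, action)) {
      return { ok: false, error: 'forbidden', action };
    }
    return { ok: true, result: handler(request) };
  };
}

const startScan = guarded('triggerContentScan', () => 'scan started');
const approve = guarded('approveException', (req) => `approved ${req.payload.id}`);
```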
Role Assignment Walkthrough
Scenario: You want to give Alice the Analyst role and Bob the Approver role.
- Open Confluence Settings (gear icon in the top navigation).
- Under “Apps & Integrations”, click Aegis Compliance Suite Settings.
- The settings page opens to the Permissions tab by default.
- In the “Search for a user” field, type “Alice” (at least 2 characters).
- A dropdown appears with matching Confluence users. Select Alice’s account.
- In the “Role” dropdown that appears to the right, select Analyst.
- Click Save. A confirmation message appears briefly.
- Repeat steps 4–7 for Bob, selecting Approver.

Note: If you cannot see the Permissions tab, you do not have the Admin role. Contact whoever first opened the app after installation; they are the initial Admin.