- Type: Suggestion
- Resolution: Unresolved
- Component/s: Threat Detection
Summary
Guard Detect issues an alert when it identifies potentially sensitive data, providing a snippet of the data to aid administrators in their investigation. If an administrator concludes that the data is indeed sensitive and should not be stored, they have the option to redact it directly from the alert. Currently, redaction can only be performed per alert/incident in the Guard Detect UI, which is operationally heavy at scale.
Suggestion
Implement a bulk redaction capability in Guard Detect, covering both Jira and Confluence, for example:
- In the Guard Detect UI, allow admins to:
  - Filter incidents (e.g., by product, detection type, location, time range) and select multiple alerts.
  - Apply a single Redact action to all selected incidents.
- In the Guard Detect API, provide endpoints to:
  - Retrieve and filter incidents at scale.
  - Submit a bulk redaction request (e.g., by list of incident IDs or by filter criteria), with status tracking for large jobs.
This would enable customers to efficiently clean up large volumes of detected PCI/PII and better support compliance and data hygiene efforts.
Workaround
There is currently no true bulk redaction option:
- Admins must open each Guard Detect alert individually in Jira and Confluence and trigger redaction one by one in the UI.
- For Jira only, there is a limited capability to restore redacted content using the Guard Detect API within 30 days of redaction:
API request examples