Filter Exposure Guard — Documentation
Filter Exposure Guard is a read-only Jira Cloud security audit of your filters and dashboards. It flags over-broad sharing, deactivated owners, and invalid JQL so you can find exposures before they become incidents. It never changes anything.
Getting started
- Install Filter Exposure Guard from the Atlassian Marketplace.
- In Jira, open the settings gear, then Apps → Filter Exposure Guard. (It is an admin page; you need Jira administrator access.)
- It scans automatically on open. Use Rescan to refresh.
Reading the results
The Overview summarises exposure across filters and dashboards:
- Public — shared openly (highest risk).
- Org-wide — shared with all logged-in users in your site.
- Shared — shared with a group, project, or specific users.
- Private — not shared.
It also flags deactivated owners (filters/dashboards owned by an inactive account) and invalid JQL (broken filters). The Inventory tab lists everything; the Report tab exports a CSV or Markdown audit.
Scope of the audit
The app audits all shared/public filters and dashboards. Items kept private by other users are not visible to Forge apps — and are not an exposure by definition. Owner active/deactivated status is read where available.
Permissions and data
Read-only. Reads filter/dashboard configuration, sharing, JQL, and owner active status. Stores nothing beyond your dismissed-warning preferences; reads no issue content and stores no personal data. See the privacy policy for detail and exact scopes.
Support
Questions or issues: support, or email hello@ariacode.dev.