This comparison is for Jira admins evaluating Document Vault by Redmoon Software against Smart Attachments for Jira by Stiltsoft. Both apps appear regularly on Atlassian admin shortlists for “improve Jira attachments.” They share some features but solve substantially different problems. Pick badly and you’ll spend a year fighting the tool.
The 30-second answer
Document Vault is built around one question: which users should be able to see this file even exists? Sensitive files live in a vault configured per project, accessible only to the groups or roles you specify. Unauthorised users see no trace of the file — not the filename, not the upload timestamp, not the attaching user.
Smart Attachments is built around a different question: how do we organise hundreds of files on a single issue? Custom categories, version history per file, approval flows, drag-and-drop reorganisation. Access restrictions are available but they’re not the centre of the design.
If your driver is compliance — SOX, HIPAA, ISO 27001, defence-grade need-to-know — Document Vault’s invisibility model maps to your requirements. If your driver is operational chaos — “we attach 200 files per RFP issue and can’t find anything” — Smart Attachments is built for that.
Side-by-side
| Capability | Document Vault | Smart Attachments |
|---|---|---|
| Files hidden entirely from unauthorised users | ✓ | ✗ (restrictions limit download, not visibility) |
| Group/role-based access lists per vault or category | ✓ | ✓ |
| Custom categories / folders within an issue | ✗ | ✓ |
| Version history per file | Via Jira | ✓ |
| File-level approval workflow | ✗ | ✓ |
| Drag-and-drop reorganisation | ✗ | ✓ |
| Multiple vaults per project | ✓ | N/A |
| Separate storage repository (isolated from default Jira attachments) | ✓ | ✗ |
| Audit trail of file access | ✓ | ✓ |
| Bulk upload | ✓ | ✓ |
| Pairs with attachment encryption | ✓ | Via partner apps |
| Jira Cloud edition | ✓ | ✓ |
| Jira Data Center edition | ✓ | ✓ |
| Designed primarily for security | ✓ | ✗ |
| Designed primarily for file organisation | ✗ | ✓ |
When Document Vault is the right pick
- Need-to-know compliance. If your auditor’s threshold is “unauthorised users must not even be aware these files exist,” Smart Attachments’ restriction-based model is harder to defend than Document Vault’s vault-based model. The vault model is structurally aligned with how compliance frameworks describe access control.
- Sensitive document categories. HR investigations, M&A due diligence, signed customer contracts with NDA clauses, security incident artefacts — these belong on a Jira issue (so the workflow has context) but should not be visible to the wider team. Document Vault is purpose-built for exactly this.
- Defence in depth. Document Vault stores its contents in a separate, configurable repository — not in the standard Jira attachment area. If an attacker compromises a Jira-admin account, the vaulted files are still gated by the vault’s access list, not just by Jira permissions.
- You already run Redmoon Comment Security Default or Custom Fields. Document Vault completes the data-protection trio. One vendor, one support contract, one security review.
When Smart Attachments is the right pick
- High file volume per issue. Construction, legal, engineering, RFP-driven sales — issues with dozens or hundreds of files where humans need folders to stay sane. Smart Attachments is genuinely better than Document Vault for this.
- File version management. When the same Statement of Work goes through twelve revisions and you need to read v7, Smart Attachments’ file-level version history is purpose-built. Document Vault relies on Jira’s native versioning.
- Approval workflows on files. “Legal must sign off on this contract version before it’s the active one” — Smart Attachments has explicit file-approval flows. Document Vault does not.
- You already use Stiltsoft tools. If your Confluence stack already runs Stiltsoft apps, staying inside the vendor ecosystem simplifies licensing and support.
Many teams run both
These apps are routinely deployed together because they sit at different layers:
- Document Vault holds the small subset of files that must be access-controlled to the role-level. Vaults are configured once per project and forgotten.
- Smart Attachments organises the larger pool of files that everyone on the issue can see, but which need categorising, versioning, and approving.
A common pattern: vaulted files for the signed contract, the HR investigation summary, the security incident postmortem; Smart Attachments categories for the working drafts, supporting documents, screenshots, and reference material. Different security posture, different organisational need.
Cost considerations
Both apps are priced on the Atlassian Marketplace, tiered by Jira user count. Current pricing is best read from the live Marketplace listings:
The two apps are not pricing-equivalent — they’re scoped differently. Compare against your primary requirement (security vs organisation) and don’t let “we might use it for both” justify paying for the wrong tool.
Get started
The fastest way to evaluate Document Vault is to install the free trial, create a vault scoped to a single role, upload a sensitive document, then log in as a non-member and confirm the file is invisible.
See also
- Document Vault overview — the full product page
- Document Vault user guide — every feature documented
- Document Vault use cases — sector-by-sector scenarios
- Securing your project files with Document Vault — security-team-oriented walkthrough
- Document Vault features — complete feature list
- Document Vault reviews — what existing customers say
- Comment Security Default [Cloud]](/comment-security-default-overview-cloud/)/Data Center — the companion product for default-deny comment visibility
- Contact Us — book a demo to walk through vault configuration against your data classification policy