Skip to content
Book a Demo

Discover Sensitive Information Published in Confluence

Over 200,000 developers rely on Security for Confluence to audit, detect, and remove secrets.

Try it now
Book a Demo
dots
verizon
mercedes-benz
fidelity
boa

Not Using Our App

  • Secrets get published
  • Attackers gain access to PII and other sensitive info
  • Financial damages in the billions of dollars
  • Damaged company reputation
Ellipse-4

Using Security for Confluence

  • Find sensitive information before hackers do
  • Protect PII and financial information
  • Comply with HIPAA and GDPR
  • Be proactive instead of reactive

Enhanced Confluence Security

A plug-and-play Confluence app that scans your pages for sensitive information so that common mistakes are caught before they are exploited by attackers.

No need to worry about 3rd party vendor compliance or reliability since Soteri's Secret Scanning is hosted within Confluence Data Center. Installation takes only 30 seconds. On Cloud? We support Confluence Cloud as well.

security-for-conlfluence-graphic-2

Three Easy Steps to Secure Confluence

1. Audit

Put your security on autopilot with scheduled audits or trigger manual audits.

2. Detect

Discover secrets, before the attacker with built-in and customizable scanning rules.

3. Secure

Secure your systems to prevent data breaches by changing and removing your secrets.

Providing Peace of Mind to QA, DevOps, and Cloud Engineers

We reduce risk and protect your data from leaks.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
1*dZYzV_WG8gNVBwtJ-dAcqg
John Smith
Manager
Company
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
1*dZYzV_WG8gNVBwtJ-dAcqg
John Smith
Manager
Company
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
1*dZYzV_WG8gNVBwtJ-dAcqg
John Smith
Manager
Company

Built to Maximize Your Confluence Security

scan-2
Space and page scanning to audit for sensitive information
money-2
Built-in patterns for detecting leaked credentials, API keys, PII, credit card numbers, and banking information
fingerprint-2
Add custom scanning rules, for organization-specific audits
report-2
Downloadable reports of scan findings
barcode-scanner
Scan your page history to find vulnerabilities in past document versions
api-2
REST API for scripting and automation

FAQs

What content can Security for Confluence scan?

Currently, Security for Confluence scans:

  • Pages
  • Blog Posts

Note that comments, drafts, and macro bodies are not yet scanned.

What do I do if a security scan finds a secret?

All secrets detected by a security scan should be considered compromised. Once a secret is published, anyone who had read access to the page could have obtained a copy. Locking down the permissions on the page, deleting it, or deleting all the page versions which contained the secret are all good steps, but they don’t sufficiently remediate the risk.

Soteri recommends to:

  • Change the secret.
    • If a password is found, change it.
    • If an access token is found, generate a new access token and update your services to use the new token. Once all your services have been updated, revoke the old token.
  • Delete the secret from Confluence. Secrets improperly stored in Confluence, revoked or not, send the signal to users that secrets can be stored this way.
Start discovering sensitive information stored in your Confluence spaces and pages
Try it Now