Introduction

Sensitive information such as API keys, passwords, and access credentials is often unintentionally stored in Confluence pages and blog posts. This poses significant security risks, as such data can be exploited by malicious actors. To address this, the Security for Confluence initiative integrates automated scanning and detection capabilities directly within Confluence to prevent, mitigate, and manage the exposure of sensitive information.

App Installation

Step 1: Log in to Confluence as a Jira administrator. Go to Administration -> Add-on -> Find Add-on.

Step 2: Find "ConfiSecure" and click "Install".

ConfiSecure Process Steps

Step 1: Go to Jira Home -> click the Apps drop-down -> click “ConfiSecure”.

image-20250109-093745.png

Step 2: After selecting "ConfiSecure," the application view will be displayed, providing you with the interface to interact with the tool.

A popup message will appear stating “Authentication Required”. The message will disappear after 3 seconds.

image-20250109-094953.png

Step 2: Click on App settings to proceed with the Authorization.

image-20250109-095757.png

Step 3: Once you click on Authorization, a page will appear where you enter the email and API token for validation.

image-20250109-100608.png

Step 4: To validate the authorization, provide your 'Email ID' and 'API Token' and click the "Validate" button.

image-20250109-102204.png

Step 5: Upon clicking the "Validate" button, if both the Email ID and API token are valid, a success flag message will be displayed confirming that the API token is valid. The user will then be redirected to the main dashboard page.

image-20250109-105353.png

The main dashboard page will display a table containing the counts of space and page security rule findings.

image-20250109-110822.png

If a space is newly created, its status will be displayed as "Unscanned," and no findings will be shown for it.

When the "Scan-All" button is clicked, all spaces will be scanned, their findings will be displayed, and their status will be updated to "Scanned." Individual spaces can also be selected and scanned one at a time.

Step 6: The dashboard incorporates pagination to display spaces, presenting 10 records per page. Users can navigate through the pages effortlessly to access additional spaces and their associated details, as illustrated in the image below.

image-20250109-111529.png

Configure the Rules for Security
