It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Security pentest scan on our Confluence environment - see attached screenshot

Within our company we make use of the IT security company CyberSprint. they have a webportal which monitors our digital footprint 24x7. They've found a vulernability on our confluence environment - https://knowledgebase.deheus.com/

See attached screenshot with the result.

who do I have to do to mitigate this founded vulnerability?

Could you support me in this?

Many thanks

1.jpg

1 answer

0 votes
Brant Schroeder Community Leader Apr 10, 2020

Is all that error is telling you to do is harden your system.  Depending on what information you have there are many different ways to do this.

Here are Atlassian's recommendations on security best practices.  https://confluence.atlassian.com/doc/best-practices-for-configuring-confluence-security-216433533.html    

If you have very sensitive data in confluence you can do things like:   Lock down the application so it can only be accessed through your intranet / VPN, Implement multi factor authentication, Encrypt the DB, etc.

You should work with your security team to determine the best course of action to safeguard your information.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
TAGS
Community showcase
Posted in Confluence

Lessons and Learnings: Six Months of Working Remote [Discussion]

Hey there, folks! For most of us, the past six months- yes, you read that right- have been a journey. More people than ever before have pivoted to working remotely, and navigating being on-scre...

7,545 views 6 6
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you