Data from Information Repositories: Confluence (T1213.001)
Tactic: Collection · Platforms: SaaS
The interactive view maps 1 detection strategy, 3 mitigations, 1 threat group, 1 software entry to this technique, alongside D3FEND countermeasures and data-component coverage.
Sub-technique of Data from Information Repositories (T1213).
Overview
Adversaries may leverage Confluence repositories to mine valuable information. Often found in development environments alongside Atlassian JIRA, Confluence is generally used to store development-related documentation, however, in general may contain more diverse categories of useful information, such as:
* Policies, procedures, and standards * Physical / logical network diagrams * System architecture diagrams * Technical system documentation * Testing / development credentials (i.e., Unsecured Credentials) * Work / project schedules * Source code snippets * Links to network shares and other internal resources