1. Home
  2. ATT&CK Techniques
  3. T1213.001 Confluence

T1213.001 Confluence Mappings

Adversaries may leverage Confluence repositories to mine valuable information. Often found in development environments alongside Atlassian JIRA, Confluence is generally used to store development-related documentation, however, in general may contain more diverse categories of useful information, such as:

  • Policies, procedures, and standards
  • Physical / logical network diagrams
  • System architecture diagrams
  • Technical system documentation
  • Testing / development credentials
  • Work / project schedules
  • Source code snippets
  • Links to network shares and other internal resources
View in MITRE ATT&CK®

NIST 800-53 Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
AC-2 Account Management Protects T1213.001 Confluence
AC-3 Access Enforcement Protects T1213.001 Confluence
AC-5 Separation of Duties Protects T1213.001 Confluence
AC-6 Least Privilege Protects T1213.001 Confluence
CA-8 Penetration Testing Protects T1213.001 Confluence
CM-5 Access Restrictions for Change Protects T1213.001 Confluence
CM-6 Configuration Settings Protects T1213.001 Confluence
CM-7 Least Functionality Protects T1213.001 Confluence
IA-2 Identification and Authentication (organizational Users) Protects T1213.001 Confluence
IA-4 Identifier Management Protects T1213.001 Confluence
IA-8 Identification and Authentication (non-organizational Users) Protects T1213.001 Confluence
RA-5 Vulnerability Monitoring and Scanning Protects T1213.001 Confluence
SI-4 System Monitoring Protects T1213.001 Confluence

Azure Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
cloud_app_security_policies Cloud App Security Policies technique_scores T1213.001 Confluence
Comments
This control may detect anomalous user behavior wrt information repositories such as Sharepoint or Confluence.
References
    cloud_app_security_policies Cloud App Security Policies technique_scores T1213.001 Confluence
    Comments
    This control may detect anomalous user behavior wrt information repositories such as Sharepoint or Confluence.
    References