Integrate a new Confluence Data Center source

info

For now, only real-time scanning is supported to detect secrets in pages, blogs and comments. All detectors are supported, with the exception of these 2 generic detectors, in order to limit the risk of false positives:

• Generic High Entropy Secret
• Generic Password

Setting up and configuring this integration is limited to users with an Owner or Manager access level. Confluence Data Center site installation is only open to workspaces under the Business plan. However, you can install and test secret detection in Confluence Data Center with a 30-day trial. Any secret incidents detected during the trial will remain accessible in your incident dashboard.

GitGuardian integrates natively with Confluence Data Center via an administrator Personal Access Token that you can create from your Confluence Data Center sites. Note that GitGuardian only has read access to your spaces.

Requirements

You must be a Confluence Administrator to configure GitGuardian Confluence Data Center integration.

Setup your Confluence Data Center integration

You can install GitGuardian on multiple Confluence Data Center sites to monitor your spaces.

1. Make sure you're logged as an administrator in the Confluence Data Center site you want to install
2. Go to the Settings page
3. Go to the Personal Access Tokens section and click Create token to create a new PAT
4. Provide a Token Name, an optional Expiry date and click Create
5. Copy your new PAT and click Close
6. In the GitGuardian platform, navigate to the Sources integration page
7. Click Install next to Confluence Data Center in the Documentation section
8. Click Install on the Confluence Data Center integration page
9. Paste your Confluence Data Center site URL, your administrator Personal Access Token and click Add

That's it! Your Confluence Data Center site is now installed, and GitGuardian is monitoring all pages, blogs and comments of your spaces for secrets.

info

Confluence allows the creation of up to 10 PATs. GitGuardian automatically renews PATs before they expire. To do this, you must have at least 2 PAT slots free. Otherwise, an error message will warn you that the integration is no longer functional.

Uninstall your Confluence Data Center site

To uninstall a Confluence Data Center site:

1. In the GitGuardian platform, navigate to the Sources integration page
2. Click Edit next to Confluence Data Center in the Documentation section
3. Click the bin icon next to the Confluence Data Center site to uninstall
4. Confirm by clicking Yes, uninstall in the confirmation modal

That's it! Your Confluence Data Center site is now uninstalled.

Limitations

• Historical Scan: Historical scans are not yet supported (coming soon).
• Source Listing: Monitored Confluence Data Center spaces are not yet listed on the Perimeter page (coming soon).
• Monitored Perimeter: Customization of the monitored perimeter is not supported. All spaces are monitored by default.
• Team Perimeter: Customization of a team perimeter with Confluence Data Center spaces is not supported. Users must be in All-incidents team to view and access Confluence Data Center incidents.
• Source Visibility: The visibility of spaces is not determined. All spaces are considered private in both the UI and API.
• Presence Check: The presence check feature is not supported. All occurrences are considered present in both the UI and API.
• Occurrence metadata: Author's email is not determined.
• File Attachments: File attachments are not scanned.
• Occurrence Previews: Previews of occurrences are not supported.

Privacy

Country-specific laws and regulations may require you to inform your Confluence Data Center users that your spaces are being scanned for secrets. Here is a suggestion for a message you may want to use:

As part of our internal information security process, the company scans the Confluence Data Center spaces for potential secrets leaks using GitGuardian. All data collected will be processed for the purpose of detecting potential leaks. To find out more about how we manage your personal data and to exercise your rights, please refer to our employee/partner privacy notice. Please note that only spaces relating to the company’s activity and business may be monitored and that users shall refrain from sharing personal or sensitive data not relevant to the space’s purpose.