Please see below for our best practices on how to remediate findings for Nightfall for Confluence.
Remediation in Confluence
For historical scan results in Confluence, we recommend that you first group results by file and detector. Prioritize the Spaces/Pages with the most violations, open the Page, and delete the sensitive finding.
Delete all items that contain sensitive findings, including screenshots as well. This may be handled by your team, or by the end user, depending on your organization’s needs and access settings.
Questions to ask:
Is the sensitive data accurately identified?
Is it okay for the sensitive data to live on that page?
Is the data sample data?
Is the page archived?
If the data should not live in Confluence, ping the page author and ask them to remove or redact the data
In the findings file, we recommend marking each row as “No action needed” or “Resolved" to indicate that you have reviewed or addressed any violations.
For any further questions related to remediation or for Best Practices, please reach out to [email protected]