Getting Started
Use these steps to get started with Nightfall for Confluence.
To install the Nightfall App for Confluence, please follow the steps outlined below.
Nightfall installs into your Confluence account as an Atlassian Connect app. So, the installation is completed in the Confluence UI.

Step 1. Install Confluence Connect App from Atlassian Marketplace

Navigate to the DLP for Confluence - Nightfall AI listing in the Atlassian Marketplace and select "Get app." You can review the rights that the App will have, and can then select "Get it now".
Choose the Atlassian site where you would like to install your app and follow the instructions to finish the installation.
Once you have completed these steps, log in to your Nightfall dashboard and select the Confluence tab in the left sidebar to validate that the app is successfully installed.
Once you have installed the app successfully, please provide your Nightfall Account Manager with the base URL for your Atlassian instance. There are some backend configuration steps that are required upon installation, in order for the integration to function properly.

Step 2. Create Detection Rule

First, we will configure our Detection Rule that defines the types of sensitive data we are looking for in Confluence. The detection rule is the Nightfall aggregation of detectors and confidence levels/findings that will dictate whether a violation or finding is recorded.
To learn more about Detection Rules and how to set them up, please refer to this article .
In the left sidebar, click "Detection Rules".
We strongly recommend configuring a simple detection rule to start as follows:
Detector
Minimum Confidence
Minimum Count
Credit Card Number
Likely
1
US Social Security Number
Likely
1
API Key
Likely
1
Now that our Detection Rule has been created, we will create our Confluence policy that will use this Detection Rule.

Step 3. Create Policy

Navigate to the Policies option, under the Confluence option on the left sidebar of the Nightfall console view.
To create your first policy, please select the ‘+ New Policy’ option:
The first step for policy creation will be naming the policy. The example screenshot policy below is called ‘High risk sensitive data’.

Define Policy Scope

The second step is to define the scope of the policy. The options for Scope are:
  • Everything - will scan all Confluence pages and spaces
  • Choose spaces - allows for specific Confluence spaces to be searched
  • Choose pages - allows for specific Confluence pages to be searched

Apply Detection Rule

Next, we will apply the Detection Rule we created in the prior step to this Policy. This means the Policy will be evaluating content against this Detection Rule to determine if it meets the criteria for a Violation or not.

Set Results Preferences

Once the detection rule has been applied, the next step in policy setup is the Findings Preview. Here, you can select how findings will be shown in the scan file, as well as to what extent the findings will be redacted.
The example configuration below has the ‘Include sensitive finding’ option, as ‘Partially redacted’. The example of this on the right shows that the sensitive finding is shown, but only the last 4 numbers are visible.
Allowing the ability to see a partially redacted version of the finding will allow you to review whether the violation is a false positive, or is a genuine violation of the intended detection rule.
Once this has been configured to your liking, you can save the policy with the option on the bottom of the screen.

Step 4. Kick-Off Your Scan

Now that a Confluence policy has been set up, we can go ahead and kick off our first scan!
Please navigate to the Scans option, underneath the Confluence option on the left sidebar of the Nightfall console.
To start the scan process, please select the ‘+ New scan’ option on the top right of the screen:
The first step for scan creation is to choose which policy it should be associated with. These are the policies that were configured in the previous step. For this example, the ‘High risk sensitive data’ policy has been chosen.
On the next screen, select the time range desired for the scan. The two options for time range are:
  • All history - will scan content from the beginning of Confluence account creation to now.
  • Choose specific date range - Select the specific dates between which you would like to have the scan run for. We recommend specifying date ranges as all history scans can take time, depending on how much content lives in your Confluence instance.
Once the time range has been selected, you can kick off the scan using the ‘Start Scan’ option on the bottom right of the screen.

Step 5. Accessing Results

Depending on the time range of the scan, the duration of the scan will vary. Once the scan is completed, you will see it in the Confluence -> Scans view.
The scan from this view will show a few important pieces of information:
  • Total # of findings
  • Total # of items
  • Date range
Select the option on the right to download the scan locally and to view all findings. This will download a Excel spreadsheet with the results, which you can filter/sort/search/edit as you review results. These exported results will include the following information:
  • Permalink, e.g. https://nightfalltest.atlassian.net/wiki/spaces/SST/pages/1114439681/Developer+page
  • Item Name, e.g. Developer page
  • Item ID, e.g. 1114
  • Item Type, e.g. page
  • Is Archived, e.g. true
  • Date Created, e.g. 2021-06-09 17:47:14.345 +0000 UTC
  • Date Last Modified, e.g. 2021-06-09 17:50:28.844 +0000 UTC
  • Labels
  • Space Name, e.g. Sample Space
  • Space ID, e.g. 65538
  • Parent Page Name, e.g. Confluence Scan
  • Parent Page ID, e.g. 65539
  • Author Name, e.g. John Smith
  • Author Email, e.g. [email protected]
  • Detector Triggered, e.g. API Key
  • Total Number of Findings, e.g. 2
  • Number of Very Likely Findings, e.g. 2
  • Number of Likely Findings, e.g. 0
  • Number of Possible Findings, e.g. 0
  • Number of Unlikely Findings, e.g. 0
  • Number of Very Unlikely Findings, e.g. 0
  • Finding Preview, e.g. {"Pre":"Okta API Key: "","Finding":"*-*-ML8D","Post":"”. Vivamus tempus l"}{"Pre":"GitHub access token: "","Finding":"**e7cb","Post":"". Proin vitae magna"}
These results can be exported externally, for example, into a shared folder on OneDrive, Google Drive, etc. These results can also be auto-populated into our analytics layer so you can build dashboards, sort, filter, visualize, search, and more. To set up one of these exporting mechanisms, please reach out to your Customer Success Manager or Nightfall Support at [email protected].
If after remediating violations you would like to confirm they have been resolved, you can restart the scan from this view, using the option on the far right of the ‘Scans’ page. Alternatively, if you would like to modify your policy or detection rule and then re-scan, you can repeat the steps above.
You should now be set up with your Nightfall for Confluence installation! For any questions or comments about these instructions, please reach out to [email protected].

Changing Confluence Sites

If you would like to change the Confluence Site (e.g. newsite.atlassian.net) that Nightfall is connected to, please follow the steps below:
  1. 1.
    Follow the steps above to install Nightfall into your new Confluence Site.
  2. 2.
    Notify Nightfall by emailing your Customer Success Manager or [email protected] with your new Confluence Site domain (e.g. newsite.atlassian.net), and your old/existing Confluence Site domain (e.g. oldsite.atlassian.net).
    1. 1.
      Nightfall will unlink your existing Confluence Site and link your new one.
    2. 2.
      Please do not run any scans during this time.
  3. 3.
    Once you have received confirmation from Nightfall that the re-linking process is complete, you can uninstall the Nightfall app from your old Confluence Site by clicking "Uninstall" on the app in your installed apps, as shown below. Please do not uninstall until you have received confirmation from Nightfall.

Last modified 22d ago