Securing NHIs in Jira and Confluence

Danielle Guetta January 6, 2025
Jira and Confluence are widely used collaboration and project management platforms. Jira tracks
and manages work, while Confluence centralizes documentation and team knowledge. These
platforms often store sensitive information, such as project pipelines, proprietary data, and
embedded secrets, making them high-value targets for attackers.

Why are NHIs prevalent in Jira and Confluence?

Non-human identities like OAuth apps, webhooks, service accounts, and integrations enhance
workflows and collaboration. These identities automate repetitive tasks, connect third-party tools, and streamline project management, often with broad access across systems.

What are the risks?

Compromised NHIs in Jira and Confluence can lead to:

  • Intellectual property theft: Attackers accessing sensitive project details, developer
    pipelines, or proprietary knowledge stored in these platforms.
  • Credential exposure: Leaked secrets or API keys embedded in Confluence pages or Jira
    tickets can allow attackers to move laterally into other systems.
  • Operational risks: Unauthorized changes to projects or documentation workflows can
    disrupt business processes.
  • Real-world example: In the Okta breach, attackers exploited unauthorized access to Jira
    and Confluence to gather sensitive information, demonstrating the potential for damage.

How does Astrix help?

Astrix mitigates these risks in Jira and Confluence environments by:

  • Discovery: Discovering and mapping all NHIs, including service accounts, bots, and
    integrations, for complete oversight.
  • Posture management: Identifying high-risk NHIs, such as those that have excessive
    privileges, are inactive or orphaned, or are tied to untrusted third-party vendors.
  • Remediation: Custom workflows for revoking unused permissions, deactivating orphaned
    NHIs, and correcting misconfigurations to reduce risk.
