T1213.001 - Confluence - MITRE ATT&CK - Cyber Threat Intelligence

T1213.001 - Confluence

Sub-technique

Tattiche:
Collection

Piattaforme:
SaaS

Rilevamento:
Not specified

Description:

Adversaries may leverage Confluence repositories to mine valuable information. Often found in development environments alongside Atlassian JIRA, Confluence is generally used to store development-related documentation, however, in general may contain more diverse categories of useful information, such as:

* Policies, procedures, and standards
* Physical / logical network diagrams
* System architecture diagrams
* Technical system documentation
* Testing / development credentials (i.e., [Unsecured Credentials](https://attack.mitre.org/techniques/T1552))
* Work / project schedules
* Source code snippets
* Links to network shares and other internal resources

Usato da Attori (1)

LAPSUS$
Unknown

Metadata

MITRE ID:	T1213.001
STIX ID:	attack-pattern--7ad38ef1-381a-...
Piattaforme:	SaaS
Created:	13/01/2026 17:48
Updated:	07/03/2026 16:00