Axis Blog

Featured Post

A Message From the Founders

We’re excited to introduce Axis Security! Application access for employees, partners, and other stakeholders is an essential component of an efficient, modern organization. Axis Security emerged from stealth mode today to solve this problem with a new approach designed to make private application access amazingly simple. We have been working hard these last 18 months...

By Dor Knafo

March 16, 2020

All Blog Posts

Confluenza and the Network Attack Surface, Part 2

In Part 2 of this blog, we are continuing the story by showing the hacker could easily give themselves persistent access to the server. The enterprise might have patched or upgraded the Confluence Server to a non-vulnerable version, but is it too late? Will the hacker still have server access? What about access to the rest of the network?

By Zoltan Kovacs

September 16, 2021

Confluenza and the Network Attack Surface, Part 1

Many organizations still have vulnerable Confluence Servers exposed to the public internet! This might make sense when using Confluence to collaborate with external users, partners, or customers. In many cases the protection is a firewall, a WAF, and strong authentication.

By Zoltan Kovacs

September 15, 2021

Confluenza: What is CVE-2021-26084 and why should you care

A remote code execution vulnerability of Atlassian Confluence was published and given the identifier CVE-2021-26084. The clever name Confluenza was later given to it. It affected virtually every version of Confluence that’s not hosted by Atlassian. A patch was made available that day, but we all know old versions die hard.

By Gil Azrielant

September 8, 2021

How do Hackers Hack – An Experiment in Open Portal Attacks

What is a honeypot, you may ask? The term comes from the world of espionage, wherein spies used romance as a way to steal secrets, which was called setting a ‘honey trap’ or ‘honeypot’. The cyber version works in a similar way - creating a sacrificial computer system that is designed to sit on the internet and look innocent and unprotected, mimicking a target for hackers. It uses their attacks to gain information about the tactics, techniques, and procedures (TTPs) used by malicious actors.

By John Huang

July 23, 2021

Load more

Start Simplifying Your App Access

Schedule a Demo