Trust & Security

Icarus Labs is Atlassian's experimental security research team. It’s inspired by research groups like Google's Project Zero and Facebook’s Red Team X (which research new vulnerabilities), but for any...

Alex Hope published an article 26 0 November 2, 2021

Atlassian Cloud 製品の管理者が 事業継続計画 (BCP; business continuity planning) を立案するときに役立つ情報を紹介します。   ■ 前提知識 システムにより担保されている回復性は アトラシアンによる顧客データの管理 をご参照ください。以降、本稿では各製品の管理者が行えるアクションを紹介します。 &n...

K. Yamamoto published an article 3 0 October 26, 2021

What are Standard Contractual Clauses (SCCs)? OnJun 4, 2021, an updated version of the Standard Contractual Clauses (or SCCs) was published by lawmakers in the European Union (EU) and they gave...

Bill Marriott published an article 4 6 October 26, 2021

Atlassian primarily relies on our Atlassian Bug Bounty Program and our own internal testing by our Security Engineers to test and identify security issues or vulnerabilities ...

Tanvir Ahmed started a discussion 8 1 October 24, 2021

We’re excited to announce that Trello has successfully completed their annual FedRAMP security assessment. For those not aware, Trello is now on its second year of having FedRAMP Tailored authorizati...

Miller published an article 9 0 October 21, 2021

Hi,   Last year there was a security program where 73 questions had to be answered through Whistic and a green-yellow-red rating could be obtained. Will this program be continued?

József Markovics-Horváth started a discussion 2 3 October 17, 2021

Hi, Recently regulators in the EU and US have become more active in trying to prevent fake reviews in marketplaces. For example see https://www.theregister.com/2021/10/14/fake_reviews_ftc/ . The ...

marc -Collabello--Phase Locked- started a discussion 12 1 October 15, 2021

Hello. A user of the Atlassian platform uses it to send spam with blackmail and extortion. This user's address is: jira@trans-l3eerf55.atlassian.net Смогут ли руководители Atlassian сотрудничать с...

Андрей started a discussion 4 2 October 14, 2021

Atlassian maintains submissions to the Cloud Security Alliance (CSA) STAR Registry for our major Cloud Services. The STAR Registry hosts the Consensus Assessment Initiative Questionnaire (CAIQ), whic...

Bill Marriott published an article 6 0 October 7, 2021

...uestions: What are your tried-and-true security measures or best practices? What are the absolute must-haves / minimum requirement? What is your wishlist security initiative to accomplish? What w...

Sandy started a discussion 10 2 October 6, 2021

What's the best way to get "pushed" security related announcements from Atlassian?  Other vendors have mailing lists you can subscribe to or RSS feeds. Atlassian has a security announcements pa...

Librarian started a discussion 1 3 October 6, 2021

We have re-certified for Payment Card Industries (PCI) for all of our major products.  Specifically, we achieved certification for Jira, Confluence, Bitbucket, Trello, Statuspage, Opsgenie, Ha...

Guy published an article 5 1 October 5, 2021

We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-party that...

Bill Marriott published an article 7 2 October 5, 2021

Hi there! Where can I find following info please: Is data encrypted on Jira Cloud? Is encryption done by keys dedicated to the customer?   Thank you!  

natalia.lezhai started a discussion 4 5 October 4, 2021

As we highlight each quarter, we maintain an always-on bug bounty to identify and triage security vulnerabilities in our products and services. Many customers ask us for ‘penetration reports’ or simi...

Bill Marriott published an article 6 1 September 30, 2021

Hi all, I have a - in my view - somewhat delicate problem and I am not entirely sure where to raise it. I used to work in a company that used Atlassian apps (let's call it @lastjob.com) until ...

Christoph Lunner started a discussion 2 6 September 29, 2021

Atlassian just updated our cloud architecture diagram to better address some of the questions our customers have.  Atlassian Cloud Architecture Diagram  

Griffin Jones published an article 13 3 September 13, 2021

...itbucket repository is private, users can still visit and view the static website. The same is true if the underlying repository is public. Mitigation Atlassian has added  bitbucket.io  to t...

Will Ratner published an article 8 0 September 8, 2021

With the end-of-life approaching for Confluence and Jira server products, we are looking at the cloud offerings from Atlassian.  We really enjoying using the products, but only have a small lice...

GC started a discussion 8 10 September 3, 2021

Hiya everyone! I’m Jake. I'm a new Product Manager on the Ecosystem Security team located in Jersey City, New Jersey . In my role, I will focus on all of Ecosystem’s Security Programs, and building ...

Jake Comito published an article 10 2 September 1, 2021

Check out how Atlassian approachs the software development lifecycle (SDLC.)

Griffin Jones published an article 5 0 August 31, 2021

TL/DR: The Atlassian Trust Center has new and improved Atlassian Compliance Resource Center! The Atlassian Trust, Security and Engagement team are proud to ship our latest project - the New Atl...

Jodie Vlassis published an article 8 2 August 26, 2021

Hi everyone! We recently released several new features to Atlassian Access we're excited to share with you! Tune in to this on-demand webinar as we cover: Administrative flexibility with a...

Sandy published an article 7 0 July 15, 2021

On July 2,  IT management software vendor Kaseya disclosed an active attack on a small number of customers of their Kaseya VSA product (Kaseya Security Advisory). The US-CERT reported this as a ...

David published an article 15 0 July 8, 2021

We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-party that...

Bill Marriott published an article 7 0 July 6, 2021