Trust & Security

We recently updated and posted our Statement of Applicability for our products to our compliance FAQ.     Please see: https://www.atlassian.com/trust/compliance/compliance-faq

Griffin Jones started a discussion 2 15 June 9, 2020

Hi all,   Out of the JIRA Cloud service and BitBucket, can these services be or are they ITAR + NIST 800-171 compliant? As far as I know BitBucket cloud at least does not leave the United Stat...

Elias Moya started a discussion 11 29 June 3, 2020

Hello Team, Due to a compliance requirement, we had to share Pen Test report of Jira (Atlassian Bugcrowd 2019 Q4). Now we need a statement from you stating Vulnerabilities mentioned in this specifi...

Philip Choudhury started a discussion 0 3 May 26, 2020

...omplete out in order for us to share our documentation.As of right now access is limited to the Trust team and all requests for documentation will be routed to us for approval. In true Atlassian spirit w...

Griffin Jones started a discussion 2 0 May 22, 2020

Update Jun 22: Thanks to everyone who got in touch! This call for participation is now closed. --- Hi Security and Risk group! I'm Roger, a Product Manager at Atlassian. If you or your colleagu...

Roger Barnes started a discussion 2 0 May 21, 2020

Hi, I have read that JIRA Cloud is not HIPAA compliant yet, but what about JIRA Server? (specifically Jira Service Desk)   Thanks, Nicolas

Nicolas Khoury started a discussion 1 2 May 11, 2020

Hello Security Trust Community! I am happy to announce we have produced and published the Atlassian Sustainability Report 2020! Privacy & Security have been identified as ...

Jodie Vlassis started a discussion 1 2 April 22, 2020

Hello everyone, hope everyone is doing well!! I'm Soumyadeep Mandal or you can call me SaM! I'm an Atlassian user since last couple of years and I'm from Kolkata, India.&nbs...

Soumyadeep Mandal started a discussion 24 8 April 22, 2020

We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-party that...

Bill Marriott started a discussion 9 1 April 20, 2020

There is a lot happening in our ecosystem right now...Check it out!  https://www.atlassian.com/blog/add-ons/cloud-ecosystem-security

Griffin Jones started a discussion 5 0 April 7, 2020

Hello I am researching the best way to design GRC structures using Jira and confluence. Any pointers to guidance would be appreciated

Nuala Clamp started a discussion 2 5 March 28, 2020

I was very fortunate to attend ISACA’s Sydney Chapter - International Women's Day conference here in Sydney recently. I was very honoured to represent Atlassian at this event (unfortunately I did not...

Jodie Vlassis started a discussion 3 2 March 25, 2020

Hello everyone! I just wanted to write a friendly post to introduce myself to the community. My name is Jodie and I have recently join the Security Trust team here at Atlassian. Given it has been a...

Jodie Vlassis started a discussion 8 0 March 15, 2020

At Atlassian, we are well aware of the importance of the data that you, our customers, store in our products. We aim to give you insight on all our products, but we’d like to start with Confluence an...

Bill Marriott started a discussion 4 1 February 26, 2020

Securing Third Party Apps   Atlassian leads by example with a thriving Marketplace ecosystem that enable our customers to unleash the potential of every team. As such, we are responsible ...

Griffin Jones started a discussion 4 0 February 24, 2020

A crowdsourced approach  A bug bounty program is one of the most powerful post-production tools you can implement to help detect vulnerabilities in your applications and services. Crowd...

Griffin Jones started a discussion 1 4 February 19, 2020

SOC 2 Overview SOC Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizations. Refer to the AICPA for...

Victoria started a discussion 6 2 February 6, 2020

What is it? When considering the term “risk,” most people usually associate it with “What could go wrong?”. While generally true and rooted in evolutionary cognitive bias, this is only part of t...

Griffin Jones started a discussion 8 1 February 5, 2020

Atlassian Rules For Security Testing Of Cloud Products Atlassian customers may carry out security assessments against their Atlassian Cloud Products (as defined below) without prior approval. The t...

Griffin Jones started a discussion 4 2 January 28, 2020

We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for a copy of a recent ‘penetration reports’ or similar - basically a report from...

Bill Marriott started a discussion 7 0 January 23, 2020

We recently published a blog on CASBs. We cover the basics of how CASBs enhance security for cloud apps and how the fit into the broader IT and security landscape, but there is so much more t...

lauren started a discussion 0 2 December 2, 2019

In today's data-driven world, people are increasingly concerned about possible data breaches and the theft of important information. In order to protect its citizens, the EU Parliament adopted the&nb...

Andrei Pisklenov _Actonic_ started a discussion 6 0 November 21, 2019

We’ve heard from many of you - our customers - that you want more details about how we manage your data in our cloud. In many cases, the customers I personally hear from want to make sure that their ...

Bill Marriott started a discussion 5 1 October 30, 2019

We have re-certified for Payment Card Industries (PCI) for all of our major products.  Specifically, we achieved certification for Jira, Confluence, Bitbucket and :LearnDot: as they use t...

Bill Marriott started a discussion 2 0 October 15, 2019

The majority of Atlassian’s business runs on Amazon Web Services (AWS). Due to the large scale of our infrastructure, we allow for teams to manage their own changes without a centralised review. Atla...

flozza started a discussion 6 0 October 10, 2019