Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

How do you investigate of your security of instance proactively?



How do you investigate of your security of instance proactively?

I see in many companies use the different security scanners for analysis ( e.g. Jira. 

Just curious how often do you do ? What kind methods do you use ?

is this for compliance and checklist? 



Gonchik Tsymzhitov


Dave Liao Community Leader Apr 18, 2021

Regarding how often you scan a system, depends on several factors:

  • If you're scanning in an automated fashion, you're always watching. 😉 If manual work is needed, you scan as often as practical (have a security team? how big is the security team, etc.).
  • If you care about information security, protect and monitor systems you care about the most, depending on the knowledge stored in those systems.

I also suggest cross-posting this in Trust & Security. 💪

Daniel Ebers Community Leader Apr 25, 2021

From previous experience this is a lengthy topic (beg my pardon I touched some more aspects than just the security scanners) where many details can be unfold - but in general, I suppose, overall they just repeat best practises for IT which are documented for many, many years.

I'd like just to name a few - all of them, like I said, supposedly are repetitions:

  • keeping the systems on a reasonable current patch level is key
    • keep an eye on outdated packages, where possible use unattended upgrades of some kind
  • do backups
    • rather than just relying on RAID (already seen this) have a proper backup strategy in place, for the system itself as well as for the database
  • have all involved system configured properly
    • do the usual considerations as for patch strategy, backup strategy, user management, alongside with restore tests, failover tests (where applicable) and conduct simulated incident scenarios
  • document everything, where possible
    • documentation is key, especially if you are ill or on vacation
    • check documentation with team members if they understand what is written down, if they can act using your documentation in an emergency case
  • spread knowledge
    • while you maybe are the go-to-expert for Atlassian related stuff try to spread knowledge in a way some more colleagues are able to get things running (whereas they probably not need to know the very last detail in workflow specialities and how to deal with them)
  • security scanners can add to the overall security level, no questions
    • you can scan on whatever interval sounds reasonable for your team
      • weekly
      • bi-weekly
      • monthly
    • you surely already scan for known exploits regarding
      • the OS itself
      • any needed packages but not necessarily bound to Jira operations like the database (PostgreSQL, MySQL, ...), local packages having vulnerabilities, other system services (ntp, mta, ...)
      • finally Jira - in case of any Security Advisory the security scanner should alarm you additionally to the mail you surely receive in parallel from Atlassian (therefore I have a strong recommendation for, at least, weekly scans - this however might depend if your Jira instances are behind the firewall and/or internet-facing)

One topic that I have seen in discussions lately is the preservation of logs (catalina.out/atlassian-jira.log and probably atlassian-jira-security.log) in a separated logging-system to detect irregularities or if the server was already compromised and the original system cannot be trusted anymore.

The list can be continued (I heard of implementations that scan the attachment directory for viruses and other malicious contents) and is by no means complete (one could start with discussing the presence of a correctly configured firewall and end up with the statement that only trusted admins should be act on basic system levels and so on). So please consider all of the said above as some basic idea that came to my mind and what seems to be common with Jira-admins I recently spoke with.

Like Dave Liao likes this

Thank you ,

I am also interested to the tooling. 


Log in or Sign up to comment
Community showcase
Published in Jira Software

An update on Jira Software customer feedback – June 2022

Hello Atlassian Community! Feedback from customers like you has helped us shape and improve Jira Software. As Head of Product, Jira Software, I wanted to take this opportunity to share an update on...

76 views 1 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you