Hello,
I need to know if Jira take security risks into account? which risks are detected in Jira compare to top10 security risks (https://www.owasp.org/index.php/Top_10_2010-Main)
Manuel,
I think Dennis meant me when he said "Chief Security Officer". I can assure you that whenever we discover a security vulnerability, we fix it as soon as we can, usually very quick. You can check our advisories at http://confluence.atlassian.com/display/SECURITY.
I would never go as far as to say "we are absolutely sure we are secure against any possible vulnerability". If any vendor tells you that they are, they are lying or ignorant.
Sure, an application can't be secured against all, but I just wanted to know if Jira took security risks known into account. It seems to be the case.
Thanks for your responses.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The link that you had provided in the answer is not working . Please check.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Right now we are secure against each known security vulnerability. We also have a dedicated team and Chief Security Officer that focuses on hardening our tools, QA testing and risk management. As always, we highly recommend to update to the latest version of JIRA, especially when it comes to security patches.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No worries! Feel free to email me at dennis@atlassian.com if you have any security sensitive questions regarding our products :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.