The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
No | Check |
1 | Are there any known vulnerabilities and are all vulnerabilities with CVE above 4.0 are patched? |
2 | Is there a link on the website for patch releases and how do we ensure latest security patches are applied, wherever applicable.? |
3 | Is there a defined vulnerability discovery mechanism? |
4 | Is there a criteria defined for releasing a security patch? |
5 | Is there a timeline defined for vulnerability discovery to patch roll-out? |
6 | Is internet access required? If yes, access shall be for which ports? (e.g. FTP, SSH/SFTP, Telnet, SMTP, DNS, Win Shares, RDP) |
7 | All security settings recommended by vendor shall be applied (Hardening) |
8 | Is there any exceptions for AV, patch, USB or other exceptions on system where this is to be installed? |
9 | What are the privileges required for using/running the file? |
10 | If ports need to be opened to extranet systems, vulnerabilities associated shall be assessed and remediated |
11 | Is there a process for patch deployment at remote locations? |
Hello Sourcetree users!!! With the recent removal of Bitbucket Cloud account passwords for app passwords (please see our Bitbucket Cloud community post for details on why we made this change for se...
Connect with like-minded Atlassian users at free events near you!
Find an eventConnect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.
Host an eventYou're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events