Following on our first ever Annual Bug Bounty Report from 2021, this year for the first time, we are publishing an in-depth report detailing a full year of statistics and data about our Security Incident Management program. The Annual Security Incident Report includes statistics and data for the July 2021 to June 2022 timeframe, which is Atlassian’s FY22 financial year.
We published this report about our Security Incident Management program to give our customers a view on progress of the overall program and some details about the incidents that were investigated and resolved. For most customers, this is the first time to get access to this level of detail around security incidents that we have experienced at Atlassian.
Stats for the year
In the July 2021 to June 2022 timeframe, Atlassian resolved 34 Security Incidents. Importantly, we did not experience a Severity 0 (highest severity), with 23% in Severity 1 (very high impact) or Severity 2 (significant impact), also importantly, 77% were Severity 4 (lowest impact).
Malware infection on Atlassian endpoints accounted for 22% of security incidents (no malware infection in Atlassian Cloud environment), and Product Vulnerabilities accounted for 17% of security incidents.
More than 50% of security incidents were detected within 8 hours, and 44% of security incidents were contained within 8 hours.
Download the annual bug bounty report
The July 2021 to June 2022 Annual Security Incident Report can be found on our Security at Atlassian main page. Read more about our Atlassian Security Incident Management program.
1 comment