Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,369,088
Community Members
 
Community Events
168
Community Groups

Jira Release Documents

Team,

We have given our Jira Cloud access to clients to track tickets in Jira. As per their CyberSecurity policy and release management policy, client wants to register it as new release and asking us to share relevant release documents for Jira.

Also, their Security team need to perform Pentration testing and code/Architecture review. Can you help with Jira release documents if any.

1 comment

Hi Rajeev

Atlassian does produce a blog and announcements of changes to Jira Cloud but these aren't in the form of release notes due to the frequency of releases.

It's always best to get permission from a vendor before a pen test and you might want to point your client's security team to Atlassian's bug bounty program and its scope to decide if they want to Pen test and its valid boundaries. 

All the publicly available security documents are published by Atlassian here https://www.atlassian.com/trust/security

To be honest, I don't really know why they would want to do a code/architecture review on a Cloud system, it's not standard within the industry. Most security teams require CAIQ and possible ISO 27001 or SOC 2 reports/certifactions. All theses are published in the link above

Like # people like this

Hi @Rajeev Scaria - 

We now allow customers to perform their own vulnerability scans or penetration tests of our infrastructure or applications. You are welcome to review the results of our Bug Bounty program at our Security Practices page : https://www.atlassian.com/trust/security/security-practices#bug-bounty
See our announcement allowing security assessments of our cloud products : https://community.atlassian.com/t5/Trust-Security/Security-Assessments-for-Atlassian-Cloud-Products/gpm-p/1285129
Review rules for our Security Assessment program : https://www.atlassian.com/trust/security/penetration-testing

As for Jira Cloud Release Notes, see : https://community.atlassian.com/t5/Jira-Software-questions/Release-notes-in-Jira-Cloud/qaq-p/653264 

Like # people like this

Thank you Alan and Bill for your valuable comments.

Comment

Log in or Sign up to comment
TAGS

Atlassian Community Events