Highlighted

Hello Everyone

Hi Team :)

I worked a year on security and now I am at Select Support at Atlassian.

I have knowledge of web app security, IPS, IDS, devsecops, and some other cool sec stuff.

 

Please let me know if you need any assistance on security things ;)

3 comments

Hi Fabiano,

Do you know when Atlassian is planning to make cloud products HIPAA compliant?

Thanks!

Hi Jaswanth,

 

It is something we are exploring. You can see it here on our roadmap!

 

https://www.atlassian.com/trust/roadmap?tab=compliance

Thanks @Griffin Jones (:

Hello Griffin,congratulations on your improvements, maybe need your advice in the future-this is good to know.Thanks

Like Griffin Jones likes this

Hi @Fabiano Martins ,
Congrats on the new role 👏

Are there any plans for any Atlassian products (Server/DCE) to support WAF?
Thank you.

Hi Rodolfo, 

Usually, there are no short answers for WAF support since there are multiple types and brands of WAF.

We have some useful links about ports that might help you to start your project.

https://confluence.atlassian.com/kb/ports-used-by-atlassian-applications-960136309.html

 

Are you having any specific implementation in mind? Would be easier to open a ticket on https://getsupport.atlassian.com/ to have a word about it. 

Thank you, Fabiano.

I was querying about AWS WAF and I've contacted Atlassian Support who have replied that there isn't any official documentation regarding configuring WAF and have suggested posting Atlassian Community.

Sharon Helms Community Leader Jul 15, 2020

Hi @Fabiano Martins , 

I work at a University, and we're using Jira Service Desk for thousands of customers (students, faculty, staff) visiting our Help Center. The nature of some requests means that private information is sometimes shared.

Our Chief Information Security Officer has expressed some security and privacy concerns about our customers' data being inadvertently exposed if agents add the wrong customer as a Request participant (they can only search by name, not by email address, and some people have common names).

Is there someone on Atlassian's Security team who our CISO could reach out to? 

We have added comments to JAC issues requesting the ability to search for customers by email address, but those issues have not been addressed by Atlassian employees yet.

Thanks for any ideas you might have! - Sharon

Comment

Log in or Sign up to comment
TAGS