Jira Release Documents

Rajeev Scaria October 20, 2020

Team,

We have given our Jira Cloud access to clients to track tickets in Jira. As per their CyberSecurity policy and release management policy, client wants to register it as new release and asking us to share relevant release documents for Jira.

Also, their Security team need to perform Pentration testing and code/Architecture review. Can you help with Jira release documents if any.

1 comment

Comment

Log in or Sign up to comment
Alan Parkinson
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
October 20, 2020

Hi Rajeev

Atlassian does produce a blog and announcements of changes to Jira Cloud but these aren't in the form of release notes due to the frequency of releases.

It's always best to get permission from a vendor before a pen test and you might want to point your client's security team to Atlassian's bug bounty program and its scope to decide if they want to Pen test and its valid boundaries. 

All the publicly available security documents are published by Atlassian here https://www.atlassian.com/trust/security

To be honest, I don't really know why they would want to do a code/architecture review on a Cloud system, it's not standard within the industry. Most security teams require CAIQ and possible ISO 27001 or SOC 2 reports/certifactions. All theses are published in the link above

Like # people like this
Bill Marriott
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 20, 2020

Hi @Rajeev Scaria - 

We now allow customers to perform their own vulnerability scans or penetration tests of our infrastructure or applications. You are welcome to review the results of our Bug Bounty program at our Security Practices page : https://www.atlassian.com/trust/security/security-practices#bug-bounty
See our announcement allowing security assessments of our cloud products : https://community.atlassian.com/t5/Trust-Security/Security-Assessments-for-Atlassian-Cloud-Products/gpm-p/1285129
Review rules for our Security Assessment program : https://www.atlassian.com/trust/security/penetration-testing

As for Jira Cloud Release Notes, see : https://community.atlassian.com/t5/Jira-Software-questions/Release-notes-in-Jira-Cloud/qaq-p/653264 

Like # people like this
Rajeev Scaria October 22, 2020

Thank you Alan and Bill for your valuable comments.

TAGS
AUG Leaders

Atlassian Community Events