Created Dec 2, 2020, Last active Apr 27, 2024
...uilt new controls into your Atlassian account, so you can decide what personal information is visible across Atlassian cloud products and public communities, such as the Atlassian Community and the D...
We have invested heavily in making encryption available for our cloud products because we believe that it is a best practice for all cloud SaaS providers to offer this additional layer of protection ...
As your company adopts more and more SaaS tools to solve for specific business problems, new challenges arise. It is more difficult to keeping your company data secure across a growing number of...
We've often heard that customers need information about our cloud infrastructure as a part of their evaluation of our reliability and security. For this reason, I'm excited to share a behind-...
Encryption at rest is here! Following up on a previous product update we made, we are excited to announce that encryption at rest now applies to all existing and new Atlassian cloud sites,&nbs...
Frequently we are asked questions about how we manage vulnerabilities in our products as well as in our platform. We do maintain standard processes for what we do when we discover a vulnerability in ...
I just wanted to call your attention to a webinar that will be happening next week! Product Managers from the Google Cloud Identity and Atlassian Access teams will be discussing: The role...
I just wanted to share a recap of the AMA Adrian Ludwig, Atlassian's CISO, did last week. He covered: Compliance certifications Atlassian’s security threat model for cloud p...
Hello Community! 👋 I just wanted to share some new cloud security offerings that our teams have been working on for many months. We are super excited to share these updates, as we know many o...
In July 2017, Atlassian renewed our commitment to provide best of industry security and launched our Bug Bounty Program. By putting our trust in security researchers, we have experienced tremendous s...
Hi All, I am looking into procuring JIRA as ALM tool but no sure why its written "if security is a concern, we generally recommend sticking with on-premise solutions, which will allow you to ...
We've been busy as a team working through support efforts for instances affected by recent exploits arising from Confluence vulnerabilities published at: https://confluence.atlassian.com/doc/conflu...
We maintain an always-on bug bounty to identify and triage security issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-p...
Hey all, I have a question relating to the side-effects of the mitigation of this Confluence CVE. Specifically, the inability to see thumbnails of attached files after disabling the 'webDAV' pl...
Not too long ago, @Bill Marriott shared some tips for keeping your Atlassian cloud products secure. How do you manage users and maintain security for your Atlassian products? What are som...
Hello! Checking in from the product security team. Most of the time I'll be heads down in our infrastructure or code base, trying to systemically prevent or mitigate security issues. Lately I'...
Hi everyone! I'm Bill Marriott and I run the Trust & Security Program here at Atlassian. I’ve been publishing and answering questions about our overall Trust Program through the Atlassian ...
Hi Atlassian community, I live in Europe and hence my usage of Jira (JSD) needs to be GDPR comliant. According to GDPR you should not send personal information via email (because it is not encrypte...
So, as a FDA regulated company we have to validate off-the-shelf software that we use, with some exceptions. We recently went through an audit and is was brought up that the validation of Jira (writt...
This item make little to no sense to me. If it is a public forum/free application then that can make sense but in a corporate environment it makes no sense as there has to be abilities to have r...
With the new single sign on through my.atlassian for all cloud accounts we have run into an issue because we have two separate cloud accounts for two parts of our business. Because the feature set, ...
Chromebleed is telling me our ondemand site is vulnerable to HeartBleed issue. When is this going to get fixed?
The Trust & Security community group is Atlassian's go-to space for all things Security, Compliance, Privacy and more. This group is to share information, tips, and best practices for protecting your data and using Atlassian products in a secure and reliable way.
Copied to clipboard