Created Dec 2, 2020, Last active Feb 27, 2025
The Trust & Security team is very excited to announce that Atlassian now hold company corporate partnerships with a range of industry affiliates! We are now officially and formally partnered wi...
Is there a place I can find a list of Atlassian Cloud Security Incidents in the past 24 months?
Atlassian recently explored the strategic, legal, and social nuances of vulnerability disclosure programs (VDPs) with Bugcrowd. In an interview with some of our top security engineers we discuss...
Atlassian maintains submissions to the Cloud Security Alliance (CSA) STAR Registry for our major Cloud Services. The STAR Registry hosts the Consensus Assessment Initiative Questionnaire (CAIQ), whic...
SOC 2 Overview SOC Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizations. Refer to the AICP...
We recently updated our Security Bug Fix Policy to reflect our current vulnerability resolution timeframes. Most notably, we have shortened the time frame in which we aim to address all se...
We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-party that...
Hi Team :) I worked a year on security and now I am at Select Support at Atlassian. I have knowledge of web app security, IPS, IDS, devsecops, and some other cool sec stuff. Please let...
We recently updated and posted our Statement of Applicability for our products to our compliance FAQ. Please see: https://www.atlassian.com/trust/compliance/compliance-faq
Hi all, Out of the JIRA Cloud service and BitBucket, can these services be or are they ITAR + NIST 800-171 compliant? As far as I know BitBucket cloud at least does not leave the United Stat...
...pecific report (Link below) were already addressed by the time report made available publicly. https://www.atlassian.com/br/dam/jcr:161357c4-7380-450f-b8a6-0a4cb14af625/Atlassian_Bugcrowd_Report-2020-0...
...omplete out in order for us to share our documentation.As of right now access is limited to the Trust team and all requests for documentation will be routed to us for approval. In true Atlassian spirit w...
Update Jun 22: Thanks to everyone who got in touch! This call for participation is now closed. --- Hi Security and Risk group! I'm Roger, a Product Manager at Atlassian. If you or your colleagu...
Hi, I have read that JIRA Cloud is not HIPAA compliant yet, but what about JIRA Server? (specifically Jira Service Desk) Thanks, Nicolas
Hello Security Trust Community! I am happy to announce we have produced and published the Atlassian Sustainability Report 2020! Privacy & Security have been identified as ...
Hello everyone, hope everyone is doing well!! I'm Soumyadeep Mandal or you can call me SaM! I'm an Atlassian user since last couple of years and I'm from Kolkata, India.&nbs...
We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-party that...
There is a lot happening in our ecosystem right now...Check it out! https://www.atlassian.com/blog/add-ons/cloud-ecosystem-security
Hello I am researching the best way to design GRC structures using Jira and confluence. Any pointers to guidance would be appreciated
I was very fortunate to attend ISACA’s Sydney Chapter - International Women's Day conference here in Sydney recently. I was very honoured to represent Atlassian at this event (unfortunately I did not...
...ackground and experience, I'd gained experience across both private and public sectors. I have worked alongside top management to improve business performance by designing intelligent ways to achieve d...
At Atlassian, we are well aware of the importance of the data that you, our customers, store in our products. We aim to give you insight on all our products, but we’d like to start with Confluence an...
Securing Third Party Apps Atlassian leads by example with a thriving Marketplace ecosystem that enable our customers to unleash the potential of every team. As such, we are responsible ...
A crowdsourced approach A bug bounty program is one of the most powerful post-production tools you can implement to help detect vulnerabilities in your applications and services. Crowd...
SOC 2 Overview SOC Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizations. Refer to the AICPA for...
The Trust & Security community group is Atlassian's go-to space for all things Security, Compliance, Privacy and more. This group is to share information, tips, and best practices for protecting your data and using Atlassian products in a secure and reliable way.
Copied to clipboard