Trust & Security

Regarding the "spring4shell"   vulnerability    in https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/   . Does anyone know that this  vulnerability&nbsp...

James Clarke asked a question 26 6 03-31-2022

Hi Seems to be that new threat is out and would it peril Atlassian products server/dc also? https://www.bleepingcomputer.com/news/security/new-spring-java-framework-zero-day-allows-remote-code-exec...

Urmo Luts asked a question 3 2 03-31-2022

Today, I find that "spring2shell" volnerabilities in https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/ . Does anyone know that this volnerabilities affect Atlassian products such lik...

Chihara asked a question 7 8 03-30-2022

Hi there Trust and Security group members! I’m part of the Data Center marketing team here at Atlassian and wanted to be sure you all knew about our new Data Center community group. Just as this Trus...

Mel Policicchio published an article 5 13 03-28-2022

On March 22, identity and access management company Okta disclosed the account compromise of a third-party customer support engineer that occurred in January 2022. LAPSUS$ claimed responsibility for ...

Dan Hranj published an article 16 5 03-22-2022

A customer who is migrating to Cloud is asking for confirmation that Personal Identifiable Information (PII) and user data (e.g. issue titles, summary, attachment filenames, project names, etc.) are ...

Dom Bush asked a question 3 4 03-22-2022

What is data anonymization? By definition, data anonymization is information sanitization for privacy protection. It is the process of removing personally identifiable information from data sets...

Andreas Springer _Actonic_ published an article 5 1 03-10-2022

When customers entrust you with their personal information, like their credit card numbers, addresses for delivery, names, IP addresses… it is because they trust you to handle and protect their data....

Andreas Springer _Actonic_ published an article 7 2 03-03-2022

...rofile Opsgenie Security Profile  Statuspage Security Profile Trello Security Profile In true Atlassian spirit, we believe that opening as many channels for our customers t...

pknowlton published an article 6 0 02-28-2022

GDPR stands for General Data Protection Regulation. It is a privacy and security regulation, and it is considered one of the toughest in the world. GDPR came into effect in May 2018, impacting organi...

Andreas Springer _Actonic_ published an article 5 1 02-24-2022

ISO/IEC 27001 Certification Update Overview The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a me...

Hema Vadodaria published an article 9 2 02-03-2022

...psgenie Security Profile  Statuspage Security Profile Trello Security Profile In true Atlassian spirit we believe that opening as many channels for our customers to self serve is a more s...

Bill Marriott published an article 11 0 02-03-2022

If you'd rather skip straight to the technical details, here's the blog post explaining how it all works. This post is the high-level story of how this technique was found, in which the story makes...

Alex Hope published an article 9 1 01-26-2022

...revent this by editing ~/Library/Group Containers/group.com.docker/settings.json to set openUIOnStartupDisabled to true . (This can be done without root access.) When Docker Desktop starts, o...

Alex Hope published an article 14 0 01-26-2022

Atlassian maintains submissions to the Cloud Security Alliance (CSA) STAR Registry for our major Cloud Services. The STAR Registry hosts the Consensus Assessment Initiative Questionnaire (CAIQ), whic...

Bill Marriott published an article 8 0 01-19-2022

We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-party that...

Bill Marriott published an article 7 0 01-19-2022

Hi there, I use atlassian jira/confluence to stay in practice (Germany). Today I've got an e-mail from an unknown person (don't have any contacts to (?) Mexico - sure we're working on the www inter...

Peter Freyler started a discussion 1 1 01-14-2022

Hello guys, I am using the Confluence but i do not know which email has the Global Permissions. Since the administrator created the trial and set up everything but now the roles somehow changed with...

Asrar asked a question 2 1 01-10-2022

G’day everyone and happy 2022!  My name is Filiberto Selvas and I’m a Principal Product Manager focused on data management and compliance in highly regulated industries ! At Atlassian, we un...

Filiberto Selvas published an article 14 20 01-04-2022

Overview System and Organization Controls (SOC) Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizati...

Amy Knapp published an article 10 2 12-21-2021

After the discovery of the vulnerability of version 1.2.17 of Log4j when is Atlassian intending to add the latest version of Log4j as part of the standard on premise installation?

terence_wright_airbus_com asked a question 0 2 12-17-2021

On December 9, Atlassian became aware of the vulnerability CVE-2021-44228 - Log4j. Impact on Cloud Products This vulnerability has been mitigated for all Atlassian cloud products previously ...

Jodie Vlassis published an article 47 19 12-13-2021

Hi everyone! Thanks to all who joined us for our webinar on   Privacy, security, and compliance in Atlassian Cloud.   If you missed it or weren’t able to catch the whole thing, you can ...

Hosana published an article 4 1 12-13-2021

hi, since the official statement about log4j is pretty brief (not to say lame), i'm looking for answers here. The vulnerability has been disclosed 4 days ago and still Confluence does not give any up...

Timo Hilbertz asked a question 2 5 12-13-2021

Hello, hopefully, I'm right here. Just got mentioned towards https://www.lunasec.io/docs/blog/log4j-zero-day/ our bitbucket 7.17.1 seems to use log4j 2.14.1. elasticsearch uses 2.11.1  [git ...

Jens Rapp asked a question 3 11 12-13-2021