Trust & Security
Created Dec 2, 2020, Last active Nov 6, 2024
-
Hi, I registered to report that the bitbucket cloud is used by spammers and phishers (I don't see any other way to convey information to technical support) - the link https_://bitbucket.org/dsns...
-
Overview The Health Insurance Portability and Accountability Act (HIPAA) is a federal law developed by the U.S. Department of Health and Human Services and was established in 1996. It was...
-
FYI, I have consistently been getting these DMARC fail notifications from automated community notifications for a couple of weeks at least. They are almost certainly generated by replies to messages ...
-
Overview The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 167 national standards bodies. ISO br...
-
Take immediate action to protect your instance We have discovered that Confluence Data Center and Server customers on out-of-date versions including 8.4.5 are vulnerable to a remote code execution ...
-
At the start of each quarter, we publish a roll-up report from each of our Bug Bounty programs to give our customers a view of the progress of the program and the vulnerabilities. For many customers,...
-
Overview System and Organization Controls (SOC) Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizati...
-
05/02/2024 Update: this feature is now generally available! Hello Trust & Security Community! We know Marketplace apps are a key part of your Atlassian solution, but depending on you...
-
Hi community! My name is Steph and I’m from the Cloud Security team at Atlassian. We're working on a feature that will let customers classify their data according to their company policies or indus...
-
First of all the Vulnerability portal (https://www.atlassian.com/trust/data-protection/vulnerabilities) is a great starting point to keep track of vulnerabilities. Recently I've played around with...
-
My company is undergoing external audits and we need security compliance attestations from all of our vendors. We have the Jan2023 SOC2 Bridge report from Atlassian but now require an updated C...
-
Hi, Does the Security vulnerability CVE-2023-49070 affect Jira Data Center running on v9.4.2? If so, is there a workaround for this security vulnerability? Reference - https://www.bleepingcomp...
-
REF CVE-2023-51467
-
Hello, We use Jira et Confluence Data Center. I saw the vulnerability CVE-2023-51467, regarding to Apache OFBiz. Our Atlassian Products are impacted? Do they use ...
-
Hello community, We have discovered four critical vulnerabilities impacting customers of the products listed below. All four vulnerabilities carry a critical CVSS score of 9.0 or higher, and custom...
-
Hi Atlassian Community, I’m Dimitris, a Senior Product Marketing Manager at Adaptavist. My team is currently conducting research to improve one of our Jira apps — Encryption for Jira — and we...
-
...ttestations to help them understand the controls we have in place so they can use our products in a manner compliant with their applicable regulations. Staying true to our value, we pride ourselves with how t...
-
I have read all the reports on the internet and I could see that the massive attacks on Confluence happened because the attackers learned pretty quickly how to exploit this vulnerability. As a result...
-
Hi community! My name is Tara and I’m from the Cloud Security team at Atlassian. We’ve introduced a new feature called data security policies that allow organization admins to prevent the inappropr...
-
Hi community! My name is Caleb Zeringue and I’m from the Cloud Security team at Atlassian. NOTE *You may have seen a post from me earlier this week, but we’ve updated our time slots and simpl...
-
We are excited to announce that Bring Your Own Keys (BYOK) encryption for Jira Software is now available to all customers with Enterprise plans. For customers who are required to apply BYO...
-
...atch, no further action is required. 02 Nov 2023 UPDATE: As part of Atlassian's ongoing monitoring of this CVE, we observed publicly posted critical information about the vulnerability w...
-
At the start of each quarter, we publish a roll-up report from each of our Bug Bounty programs to give our customers a view of the progress of the program and the vulnerabilities. For many customers,...
-
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data C...
-
Hi all, We know that many of you have been waiting to hear about our plans for FedRAMP and I am happy to share that we’re on pace to have our In Process designation via agency authorization by Q2 2...
Description
The Trust & Security community group is Atlassian's go-to space for all things Security, Compliance, Privacy and more. This group is to share information, tips, and best practices for protecting your data and using Atlassian products in a secure and reliable way.
Copied to clipboard