groups-icon

Trust & Security

Created Dec 2, 2020, Last active today

cancel
Showing results for 
Search instead for 
Did you mean: 
  • SOC 2 Reporting Improvements

    Atlassian’s 2020 reporting consisted of 8 SOC 2 reports individually attesting compliance for our cloud products. With each weighing-in at ~90 pages, we saw duplication of content, effort, inconsiste...

    Amy Knapp published an article 8 3 11-30-2021
  • Have you seen the Government Community Group?

    Hey there! If you’re looking for more tips and best practices for protecting your data and using Atlassian products securely and you’re part of the public sector, check out the Atlassian Governme...

    Mel Policicchio published an article 5 1 11-09-2021
  • Introducing the upcoming EAP for Bring Your Own Key Encryption (BYOK) - Join us!

    Hello! We know that security and data management are top priorities for you, so they remain a top priority for us. We’ve heard from many of you that BYOK (bring your own key) encryption is an importa...

    Bhavya Nag published an article 12 0 11-03-2021
  • Introducing Icarus Labs

    Icarus Labs is Atlassian's experimental security research team. It’s inspired by research groups like Google's Project Zero and Facebook’s Red Team X (which research new vulnerabilities), but for any...

    Alex Hope published an article 23 0 11-02-2021
  • 事業継続計画 - 製品データのローカルコピー

    Atlassian Cloud 製品の管理者が 事業継続計画 (BCP; business continuity planning) を立案するときに役立つ情報を紹介します。   ■ 前提知識 システムにより担保されている回復性は アトラシアンによる顧客データの管理 をご参照ください。以降、本稿では各製品の管理者が行えるアクションを紹介します。 &n...

    K. Yamamoto published an article 3 0 10-26-2021
  • New Atlassian Standard Contractual Clauses (SCC)

    What are Standard Contractual Clauses (SCCs)? On Jun 4, 2021 , an updated version of the Standard Contractual Clauses (or SCCs) was published by lawmakers in the European Union (EU) and they ...

    Bill Marriott published an article 4 1 10-26-2021
  • Letters of Assessment Announcement - October 2021

    Atlassian primarily relies on our Atlassian Bug Bounty Program and our own internal testing by our Security Engineers to test and identify security issues or vulnerabilities ...

    Tanvir Ahmed started a discussion 8 1 10-24-2021
  • Trello Enterprise FedRAMP Authority to Operate (ATO) | FY22 Edition

    We’re excited to announce that Trello has successfully completed their annual FedRAMP security assessment. For those not aware, Trello is now on its second year of having FedRAMP Tailored authorizati...

    Miller published an article 9 0 10-21-2021
  • Whistic program

    Hi,   Last year there was a security program where 73 questions had to be answered through Whistic and a green-yellow-red rating could be obtained. Will this program be continued?

    József Markovics-Horváth asked a question 2 3 10-17-2021
  • Atlassian Marketplace fake reviews

    Hi, Recently regulators in the EU and US have become more active in trying to prevent fake reviews in marketplaces. For example see https://www.theregister.com/2021/10/14/fake_reviews_ftc/ . The ...

    marc -Collabello--Phase Locked- asked a question 12 0 10-15-2021
  • Atlassian criminal use

    Hello. A user of the Atlassian platform uses it to send spam with blackmail and extortion. This user's address is: jira@trans-l3eerf55.atlassian.net Смогут ли руководители Atlassian сотрудничать...

    Андрей asked a question 4 2 10-14-2021
  • Cloud Security Alliance CAIQ Updates - October 2021

    Atlassian maintains submissions to the Cloud Security Alliance (CSA) STAR Registry for our major Cloud Services. The STAR Registry hosts the Consensus Assessment Initiative Questionnaire (CAIQ), whic...

    Bill Marriott published an article 6 0 10-07-2021
  • It's Cybersecurity Awareness Month!

    ...uestions: What are your tried-and-true security measures or best practices? What are the absolute must-haves / minimum requirement? What is your wishlist security initiative to accomplish? What w...

    Sandy started a discussion 10 2 10-06-2021
  • Subscribing to security errata - recommendations?

    What's the best way to get "pushed" security related announcements from Atlassian?  Other vendors have mailing lists you can subscribe to or RSS feeds. Atlassian has a security announcements pa...

    Ray asked a question 1 3 10-06-2021
  • Payment Card Industries (PCI) Certification - FY22 Edition

    We have re-certified for Payment Card Industries (PCI) for all of our major products.  Specifically, we achieved certification for Jira, Confluence, Bitbucket, Trello, Statuspage, Opsgenie, Ha...

    Guy published an article 5 1 10-05-2021
  • Atlassian Bug Bounty Update - October 2021

    We maintain an always on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third-party that...

    Bill Marriott published an article 7 2 10-05-2021
  • Does Atlassian Cloud applications encrypt data?

    Hi there! Where can I find following info please: Is data  encrypted on Jira Cloud? Is encryption done by keys dedicated to the customer?   Thank you!  

    natalia_lezhai asked a question 4 5 10-04-2021
  • July 2020 - June 2021 Atlassian Annual Bug Bounty Report

    As we highlight each quarter, we maintain an always-on bug bounty to identify and triage security vulnerabilities in our products and services. Many customers ask us for ‘penetration reports’ or simi...

    Bill Marriott published an article 6 1 09-30-2021
  • Unknown users in my Atlassian directory

    Hi all, I have a - in my view - somewhat delicate problem and I am not entirely sure where to raise it. I used to work in a company that used Atlassian apps (let's call it @lastjob.com) until ...

    Christoph Lunner asked a question 2 6 09-29-2021
  • Updated Atlassian Cloud Architecture Diagram

    Atlassian just updated our cloud architecture diagram to better address some of the questions our customers have.  Atlassian Cloud Architecture Diagram  

    Griffin Jones published an article 9 3 09-13-2021
  • Spook.js: speculative execution resulting in cross-domain browser information leakage

    ...epository can be a public or a private repository. This means if your Bitbucket repository is private, users can still visit and view the static website. The same is true if the underlying repository i...

    Will Ratner published an article 8 0 09-08-2021
  • FBI CJIS Security Policy

    With the end-of-life approaching for Confluence and Jira server products, we are looking at the cloud offerings from Atlassian.  We really enjoying using the products, but only have a small lice...

    GC asked a question 7 9 09-03-2021
  • Updates to Atlassian's Ecosystem Security Bug Bounty Programs

    Hiya everyone! I’m Jake. I'm a new Product Manager on the Ecosystem Security team located in Jersey City, New Jersey . In my role, I will focus on all of Ecosystem’s Security Programs, and build...

    Jake Comito published an article 10 2 09-01-2021
  • Atlassian's Software Development Lifecycle

    Check out how Atlassian approachs the software development lifecycle (SDLC.)

    Griffin Jones published an article 5 0 08-31-2021
  • Introducing Atlassian's new Compliance Resource Center

    TL/DR: The Atlassian Trust Center has new and improved Atlassian Compliance Resource Center! The Atlassian Trust, Security and Engagement team are proud to ship our latest project - the New Atl...

    Jodie Vlassis published an article 8 2 08-26-2021
1,601
members
904
posts
This widget could not be displayed.
This widget could not be displayed.

Description

This community group is a space to share information, tips, and best practices for protecting your data and using Atlassian products in a secure and reliable way.

Group Leaders • 4
Atlassian Team
Atlassian Team
Atlassian Team
Atlassian Team
See all