Trust & Security
Created Dec 2, 2020, Last active Jul 3, 2025
-
...ira Ticket Details For the published Public Security Vulnerability tickets on Jira.Atlassian.com, as part of this bulletin, we have published a detailed Affected & Fixed Version table specific to t...
-
Following on from our FY22 Annual Bug Bounty Report, we have updated the FY23 report to reflect a full year of statistics and data about our Bug Bounty Programs as part of our overall Cloud Vulnerabi...
-
Hello, The attestation of compliance provided here is for the previous year: https://www.atlassian.com/trust/compliance/resources/pci-dss When will the new version be published? Thanks
-
Hello, out security team reported, that the integrated SSH server in Bitbucket is vulnerable to a weakness called terrapin, which allows man-in-the-middle-attack. What is the status regarding a sec...
-
Hi community! My name is Guy and I’m from the Ecosystem team at Atlassian. We're working on a feature that will let customers manage apps' access to your organization’s data through a data security...
-
On February 1, Cloudflare has concluded its investigation of an incident that occurred in November 2023, during which a threat actor gained access to Cloudflare’s Atlassian Data Center instances...
-
Hello community members! I’m Tiffany, Associate Product Manager on the Confluence team. Last year, we launched Confluence Public Links that enabled anyone on the internet to view Confluence pages....
-
Hi, I registered to report that the bitbucket cloud is used by spammers and phishers (I don't see any other way to convey information to technical support) - the link https_://bitbucket.org/dsns...
-
Overview The Health Insurance Portability and Accountability Act (HIPAA) is a federal law developed by the U.S. Department of Health and Human Services and was established in 1996. It was...
-
FYI, I have consistently been getting these DMARC fail notifications from automated community notifications for a couple of weeks at least. They are almost certainly generated by replies to messages ...
-
Overview The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 167 national standards bodies. ISO br...
-
Take immediate action to protect your instance We have discovered that Confluence Data Center and Server customers on out-of-date versions including 8.4.5 are vulnerable to a remote code execution ...
-
At the start of each quarter, we publish a roll-up report from each of our Bug Bounty programs to give our customers a view of the progress of the program and the vulnerabilities. For many customers,...
-
Overview System and Organization Controls (SOC) Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizati...
-
05/02/2024 Update: this feature is now generally available! Hello Trust & Security Community! We know Marketplace apps are a key part of your Atlassian solution, but depending on you...
-
Hi community! My name is Steph and I’m from the Cloud Security team at Atlassian. We're working on a feature that will let customers classify their data according to their company policies or indus...
-
First of all the Vulnerability portal (https://www.atlassian.com/trust/data-protection/vulnerabilities) is a great starting point to keep track of vulnerabilities. Recently I've played around with...
-
My company is undergoing external audits and we need security compliance attestations from all of our vendors. We have the Jan2023 SOC2 Bridge report from Atlassian but now require an updated C...
-
Hi, Does the Security vulnerability CVE-2023-49070 affect Jira Data Center running on v9.4.2? If so, is there a workaround for this security vulnerability? Reference - https://www.bleepingcomp...
-
REF CVE-2023-51467
-
Hello, We use Jira et Confluence Data Center. I saw the vulnerability CVE-2023-51467, regarding to Apache OFBiz. Our Atlassian Products are impacted? Do they use ...
-
Hello community, We have discovered four critical vulnerabilities impacting customers of the products listed below. All four vulnerabilities carry a critical CVSS score of 9.0 or higher, and custom...
-
Hi Atlassian Community, I’m Dimitris, a Senior Product Marketing Manager at Adaptavist. My team is currently conducting research to improve one of our Jira apps — Encryption for Jira — and we...
-
...ttestations to help them understand the controls we have in place so they can use our products in a manner compliant with their applicable regulations. Staying true to our value, we pride ourselves with how t...
-
I have read all the reports on the internet and I could see that the massive attacks on Confluence happened because the attackers learned pretty quickly how to exploit this vulnerability. As a result...
Description
The Trust & Security community group is Atlassian's go-to space for all things Security, Compliance, Privacy and more. This group is to share information, tips, and best practices for protecting your data and using Atlassian products in a secure and reliable way.
Copied to clipboard