Trust & Security
Created Dec 2, 2020, Last active Feb 21, 2025
-
Hello community, We have discovered four critical vulnerabilities impacting customers of the products listed below. All four vulnerabilities carry a critical CVSS score of 9.0 or higher, and custom...
-
Hi Atlassian Community, I’m Dimitris, a Senior Product Marketing Manager at Adaptavist. My team is currently conducting research to improve one of our Jira apps — Encryption for Jira — and we...
-
...ttestations to help them understand the controls we have in place so they can use our products in a manner compliant with their applicable regulations. Staying true to our value, we pride ourselves with how t...
-
I have read all the reports on the internet and I could see that the massive attacks on Confluence happened because the attackers learned pretty quickly how to exploit this vulnerability. As a result...
-
Hi community! My name is Tara and I’m from the Cloud Security team at Atlassian. We’ve introduced a new feature called data security policies that allow organization admins to prevent the inappropr...
-
Hi community! My name is Caleb Zeringue and I’m from the Cloud Security team at Atlassian. NOTE *You may have seen a post from me earlier this week, but we’ve updated our time slots and simpl...
-
We are excited to announce that Bring Your Own Keys (BYOK) encryption for Jira Software is now available to all customers with Enterprise plans. For customers who are required to apply BYO...
-
...atch, no further action is required. 02 Nov 2023 UPDATE: As part of Atlassian's ongoing monitoring of this CVE, we observed publicly posted critical information about the vulnerability w...
-
At the start of each quarter, we publish a roll-up report from each of our Bug Bounty programs to give our customers a view of the progress of the program and the vulnerabilities. For many customers,...
-
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data C...
-
Hi all, We know that many of you have been waiting to hear about our plans for FedRAMP and I am happy to share that we’re on pace to have our In Process designation via agency authorization by Q2 2...
-
Greetings, I noticed that Atlassian Confluence has provsional TX-RAMP certification, but it expires soon. Does anyone know if full TX-RAMP certification is being pursued? If it is, are they seeking ...
-
...bsp; Where can I access this report? Great news! Our public Compliance Resource Center has been updated to reflect our TISAX compliance achievement. Head to https://www.atlassian.com/trust/c...
-
How is the FedRAMP certification going?
-
Currently when I'll receive a security advisor notification, the sender address is info@e.atlassian.com. That's the same address that is also used for e.g.: Atlassian Cloud release notes Atla...
-
Hello! I am Mervin Britoe, a Systems Engineer with over a decade of IT experience. Looking forward to learning from you!
-
Hi community! My name is Daphne and I’m from the Cloud Security team at Atlassian. We're working on a new feature that will let customers classify their data according to their company policies or ...
-
The first step in keeping your Atlassian server and DC products secure is keeping them current, and we’re making it easier to stay up-to-date with our new monthly Security Bulletin and searchable Vul...
-
We’re excited to be a part of the Open Cybersecurity Schema Framework, which is now generally available for all security teams to adopt! The OCSF is the first vendor-agnostic, open-source initiative ...
-
Dear community, I have a question regarding a security issue that has come to our attention inadvertently. Allow me to provide you with the following account: Our Jira administrators have implement...
-
...rograms on our Approach to Security Testing page, which is publicly accessible on our external website. We believe that this comprehensive approach provides superior value when combined with targeted p...
-
Atlassian primarily relies on our Atlassian Bug Bounty Program and our own internal testing by our Security Engineers to test and identify security issues or vulnerabilities in our Products and Servi...
-
We’ve received reports of a sophisticated phishing campaign targeting Atlassian customers. These malicious emails use forged email headers to appear legitimate and seek to obtain user credentials b...
-
This week, we are rolling out a new Privacy & Security tab on all Marketplace cloud app listings. The tab provides a consistent place to kick-off your app security evaluation, with key partner-pr...
-
Hi, we recently performed a full Anti Virus scan on the Windows Server VM that hosts our Jira instance and got one hit: Threat Detected: Backdoor:Java/WebShell!MSR and Removed! Action: Remove, Resu...
Description
The Trust & Security community group is Atlassian's go-to space for all things Security, Compliance, Privacy and more. This group is to share information, tips, and best practices for protecting your data and using Atlassian products in a secure and reliable way.
Copied to clipboard