Trust & Security
Created Dec 2, 2020, Last active Aug 11, 2025
-
Atlassian’s Trust team now have now completed an updated response for the Higher Education Cloud Vendor Assessment Toolkit (HECVAT) version 3.03 for our Cloud products. What is HECVAT? The HECVAT...
-
Atlassian has published a list of sub-processors here: https://www.atlassian.com/legal/sub-processors . However this list of sub-processors seems not complete. When you use Conflucence, Jira,...
-
...or now folks! In our next update, you’ll hear from our new senior leader for our global public sector product strategy, Joe Elgabalawi. Kind regards, Dave Meyer Head of Product, Enterprise C...
-
Hi all, I wanted to highlight this trust and security-related survey opportunity. It was posted in the Jira Cloud Admins group but it is open to any product (not just Jira) in any...
-
Hi everyone, My name is Fili and I’m a Principal Product Manager on Enterprise Trust. I’m here to announce the launch of data residency in Germany 🎉! We're thrilled to expand our data re...
-
Tracking working hours is not new in the workforce; it has been around since time cards and clocks were the only technology available. Some companies follow this technique to keep track of working ho...
-
...as also found that publicly provided Docker images contain the vulnerable version of OpenSSL version 3.0. Atlassian is in the process of updating these images with OpenSSL version 3.0.7. Are A...
-
Tracking employees’ working hours can vary between businesses, depending on their policies and the laws required in the countries where they are based. Some countries in Europe have now adopted manda...
-
Following on our first ever Annual Bug Bounty Report from 2021, we have updated this report to reflect a full year of statistics and data about our Bug Bounty Programs as part of our overall Vulnerab...
-
Atlassian maintains submissions to the Cloud Security Alliance (CSA) STAR Registry for our major Cloud Services. The STAR Registry hosts the Consensus Assessment Initiative Questionnaire (CAIQ), whic...
-
We have re-certified for Payment Card Industries (PCI) for all of our major products. This means that we have controls over how we take credit card payments. We achieved certification fo...
-
We maintain an always-on bug bounty to identify and triage issues in our products and services. Many customers ask us for ‘penetration reports’ or similar - basically a report from a third party that...
-
Following on our first ever Annual Bug Bounty Report from 2021, this year for the first time, we are publishing an in-depth report detailing a full year of statistics and data about our Security Inci...
-
I need to access the admin.atlassian.com and My Atlassian pages for someone no longer in my organization. Their Atlassian ID should fall under our managed accounts since we have claimed our dom...
-
The Lei Geral de Proteção de Dados (LGPD) is a new Brazilian privacy law that went into effect in September 2020, and regulates the collection, use, processing, storage, and transfer of personal data...
-
Telesat is introducing a Low Earth Orbit (LEO) satellite communications system and we are looking at JIRA as a common software/project management tool between Telesat Canada and Telesat Government So...
-
How to secure customer data? Customer data security is essential and always in the spotlight for one primary reason: Your business depends on it! To simplify things, follow these five significant s...
-
Has the facility to restore unpublished work gone now? Last time I used it, the work I had been doing came back, today, it did not. I have no idea why the work I was doing disappeared, I must have ...
-
Atlassian has triumphed once again; winning another industry award, but you’re probably wondering, why is this a big deal? ...
-
...enefits and this is doubly true for software such as osquery which is deployed on nearly every workstation and server across our organisation. One way to reduce risk is by performing a security assessment t...
-
Data protection laws have rapidly evolved in the past few years, and more companies are opting to use them to protect their customers. Compliance with any data privacy law depending on your location ...
-
Why is automation important for building a security culture? You’ll find automation in every successful project that builds a security culture. A company’s culture is made up of the many tasks and ...
-
Do you know how secure your Atlassian Marketplace apps are? Our team created this Atlassian Marketplace application security guide to show the difference in application security levels, and what it m...
-
What is the best way to receive Atlassian security updates (new CVE and so on)?
-
...isregards de-identified data (called pseudonymized in GDPR), public information, and aggregate input. The CCPA is based on three principles, transparency, accountability, and control. The most s...
Description
The Trust & Security community group is Atlassian's go-to space for all things Security, Compliance, Privacy and more. This group is to share information, tips, and best practices for protecting your data and using Atlassian products in a secure and reliable way.
Copied to clipboard