Security at Atlassian
Security is a top priority.
Security practices
We follow extensive practices to track and protect your information through a comprehensive controls framework. Learn why thousands of customers trust us to protect their most valuable data.
Compliance certifications
Strong data encryption
Our Cloud services data is encrypted using Transport Layer Security (TLS) with Perfect Forward Secrecy (PFS). Atlassian's implementation of TLS uses strong ciphers and key-lengths by default.
Rigorous security testing
Our security testing program includes threat-modeling, manual code review, automated scanning, and third-party assessments. Our bug bounty program is the cornerstone of security testing for each and every Atlassian product.
Breach detection and monitoring
We have a security monitoring team dedicated to detecting signs of a data breach. Our security practices are constantly evolving in order to address new types of security threats and further strengthen our detection capabilities.
Whitepaper: Why security is a shared responsibility
When it comes to keeping your data secure, we're both on the same team. Read what you can do to help.
Frequently asked questions
Is our data encrypted? How are passwords stored? Find answers to our top security questions.
Atlassian Bug Bounty
We've partnered with Bugcrowd to add an additional layer of security to our products by rewarding unique vulnerability research. If you've found a vulnerability, disclose the issue to our security team through our bug bounty program.
Security news and advisories
We issue advisories when security bugs are discovered so that you can take action. Learn more about when we publish security advisories and how we determine severity levels.
Keep your server secure
Learn how to configure security options on your own server.
Latest security news
Atlassian urges changes to Australia’s Assistance and Access Act
Atlassian, in partnership with advocacy group StartupAUS and other Australian technology companies, has formally submitted a set of recommended improvements to the Telecommunication and Other Legislation Amendment (Assistance and Access) Act 2018, a law that was hastily approved by the Australian government in December 2018.
Atlassian Bug Bash
We invited the world’s best white hat hackers to come to Sydney to help Atlassian break our products.
Atlassian Products & Services and CVE-2018-11235 & CVE-2018-11233
We are aware of several security issues that were recently fixed in Git.
Update on Meltdown and Spectre Processor Vulnerabilities
In the first week of January 2018, a number of computer chip manufacturers confirmed critical vulnerabilities in their processors. Under certain circumstances, these vulnerabilities can allow an attacker to steal sensitive information, bypass security restrictions, and gain elevated privileges to client and server software.
Breach Detection at Scale with PROJECT SPACECRAB
We’ve released PROJECT SPACECRAB, an open source toolset that tips the balance in the right direction by enabling deployments of several thousand AWS honey tokens across your network and on every endpoint you own.
Security questions?
We’re here and ready to answer all of your questions about Atlassian Security.