{"req_sensitive":"checked","req_nodata":"checked","network_config_guidelines_yes":"checked","network_config_guidelines_no":"","network_firewalls_yes":"checked","network_firewalls_no":"","network_dmz_yes":"checked","network_dmz_no":"","network_separation_yes":"checked","network_separation_no":"","network_encryption_yes":"checked","network_encryption_no":"","network_monitoring_yes":"checked","network_monitoring_no":"","network_monitoring_availability_yes":"checked","network_monitoring_availability_no":"","network_monitoring_security_yes":"checked","network_monitoring_security_no":"","network_monitoring_logging_yes":"checked","network_monitoring_logging_no":"","network_centrallogging_yes":"checked","network_centrallogging_no":"","network_wifi_yes":"checked","network_wifi_no":"","network_wifi_enc_no":"","network_wifi_enc_wep":"","network_wifi_enc_wpapsk":"","network_wifi_enc_wpaenterprise":"checked","network_vpn_yes":"checked","network_vpn_no":"","network_vpn_auth_pwd":"checked","network_vpn_auth_2nd_factor":"checked","network_vpn_noncorp_yes":"","network_vpn_noncorp_policy":"checked","network_vpn_noncorp_technical":"","network_outsourced_yes":"","network_outsourced_no":"checked","servers_hardening_yes":"checked","servers_hardening_no":"","servers_hardening_requirements_yes":"checked","servers_hardening_requirements_no":"","servers_hardening_intandext_yes":"checked","servers_hardening_intandext_no":"","servers_hardening_requirements_writing_yes":"checked","servers_hardening_requirements_writing_no":"","servers_configmgmt_yes":"checked","servers_configmgmt_no":"","servers_configmgmt_audit_yes":"checked","servers_configmgmt_audit_no":"","servers_patching_yes":"checked","servers_patching_no":"","servers_patching_schedule_exceptions_yes":"checked","servers_patching_schedule_exceptions_no":"","servers_patching_infosource_scanning":"checked","servers_patching_infosource_mailinglists":"checked","servers_patching_tests_yes":"checked","servers_patching_tests_no":"","servers_logging_yes":"checked","servers_logging_no":"","servers_logging_retention_yes":"checked","servers_logging_retention_no":"","servers_logging_central_yes":"checked","servers_logging_central_no":"","servers_admin_windows":"","servers_admin_unix":"checked","servers_admin_linux_sudo_yes":"checked","servers_admin_linux_sudo_no":"","servers_admin_linux_root_yes":"checked","servers_admin_linux_root_no":"","servers_admin_linux_ldap_yes":"checked","servers_admin_linux_ldap_no":"","servers_admin_auditing_yes":"checked","servers_admin_auditing_no":"","servers_backup_dcsync_yes":"checked","servers_backup_dcsync_no":"","servers_backup_frequency_yes":"","servers_backup_frequency_no":"checked","servers_backup_test_yes":"checked","servers_backup_test_no":"","servers_email_third_party_yes":"checked","servers_email_third_party_no":"","email_security_spf_policy":"checked","servers_outsourced_yes":"","servers_outsourced_no":"checked","servers_email_outbound_starttls_yes":"checked","servers_email_outbound_starttls_no":"","servers_email_inbound_tls_yes":"checked","servers_email_inbound_tls_no":"","clients_hardening_yes":"checked","clients_hardening_no":"","clients_hardening_requirements_yes":"checked","clients_hardening_requirements_no":"","clients_configmgmt_yes":"checked","clients_configmgmt_no":"","clients_standardbuild_audit_yes":"","clients_standardbuild_audit_no":"checked","warn_clients_standardbuild_audit":"Configuration and standard builds are enforced with with Jamf for Mac OS or through Active Directory domain enforcement for Windows machines. ","clients_patching_yes":"","clients_patching_no":"checked","warn_clients_patching":"Operating system updates are limited to certain ranges, for example you cannot run end of life operating systems such as MacOS Sierra but you can choose to run High Sierra or Mojave. Application updates are deferred to the user for desktop software.","clients_av_yes":"checked","clients_av_no":"","clients_logging_yes":"checked","clients_logging_no":"","clients_logging_retention_yes":"checked","clients_logging_retention_no":"","clients_logging_central_yes":"checked","clients_logging_central_no":"","clients_admin_restricted_yes":"","clients_admin_restricted_no":"checked","clients_admin_samepassword_yes":"","clients_admin_samepassword_no":"checked","clients_winxp_yes":"","clients_winxp_no":"checked","clients_laptops_hd_encrypted_yes":"checked","clients_laptops_hd_encrypted_no":"","clients_mobile_phones_yes":"checked","clients_mobile_phones_no":"","clients_workstation_hd_encrypted_yes":"checked","clients_workstation_hd_encrypted_no":"","testing_pentests_yes":"checked","testing_pentests_no":"","testing_pentests_scope":"Atlassian performs third party security code reviews based on a risk profile of the code. Atlassian also utilized an always-on public bug bounty to identify and resolve security bugs in our software.\nFor more information about our code security practices, see: https://www.atlassian.com/trust/security/security-in-development\n\u00a0\nWe engage with BugCrowd to maintain a Bug Bounty program, to conduct ongoing vulnerability assessment of our publicly available HoApplications and Services, the program is available at :\nhttps://www.bugcrowd.com/news/atlassian-launches-public-bug-bounty-with-bugcrowd/\nAtlassian also hires a third party specialist to review the security state of our cloud-applications based on risk of new service or new environments.\nOur security team manages a Critical Security Bugfix and Security Advisory process for our products described at:\nhttps://www.atlassian.com/security/secpol\n\u00a0\nOur Atlassian Security Team performs on-going network vulnerability scans of both internal and external infrastructure using an industry leading vulnerability scanner on an on-going basis. Any vulnerabilities have Jira tickets created for tracking and remediation purposes and are tracked according to our internal SLA based on severity. We do not share the results of open vulnerabilities with customers. We do share on-going results from our Bug Bounty program at :\u00a0https://www.atlassian.com/trust/security/security-faq\nFor more information about our bug bounty, see : https://www.atlassian.com/trust/security/security-practices#faq-2db80fc0-bc25-45e2-9135-f315f5c87171\n\nAWS Security regularly scans all Internet facing service endpoint IP addresses for vulnerabilities (these scans do not include customer instances). AWS Security notifies the appropriate parties to remediate any identified vulnerabilities. In addition, external vulnerability threat assessments are performed regularly by independent security firms. Findings and recommendations resulting from these assessments are categorized and delivered to AWS leadership.\n\u00a0\nIn addition, the AWS control environment is subject to regular internal and external risk assessments. AWS engages with external certifying bodies and independent auditors to review and test the AWS overall control environment.","testing_pentests_manual_yes":"checked","testing_pentests_manual_no":"","testing_pentests_companies":"Bugcrowd","testing_pentests_freq_often":"checked","testing_pentests_freq_annually":"","testing_pentests_freq_rarely":"","testing_pentests_sharesummary_yes":"checked","testing_pentests_sharesummary_no":"","testing_scans_yes":"checked","testing_scans_no":"","testing_scans_software":"Rapid 7 - Nexpose","testing_scans_monthly":"checked","testing_scans_quarterly":"","testing_scans_rarely":"","testing_scans_intext_yes":"checked","testing_scans_intext_no":"","testing_inhouse_yes":"checked","testing_inhouse_no":"","testing_inhouse_codereviews":"checked","testing_inhouse_pentestint":"checked","testing_inhouse_pentestext":"checked","testing_inhouse_blackbox":"checked","testing_inhouse_fte":"~10","security_contacts":"security@atlassian.com"}