Security at Atlassian
Security is a top priority.
We follow extensive practices to track and protect your information through a comprehensive controls framework. Learn why thousands of customers trust us to protect their most valuable data.
Strong data encryption
Our Cloud services data is encrypted using Transport Layer Security (TLS) with Perfect Forward Secrecy (PFS). Atlassian's implementation of TLS uses strong ciphers and key-lengths by default.
Rigorous security testing
Our security testing program includes threat-modeling, manual code review, automated scanning, and third-party assessments. Our bug bounty program is the cornerstone of security testing for each and every Atlassian product.
Breach detection and monitoring
We have a security monitoring team dedicated to detecting signs of a data breach. Our security practices are constantly evolving in order to address new types of security threats and further strengthen our detection capabilities.
Security news and advisories
We issue advisories when security bugs are discovered so that you can take action. Learn more about when we publish security advisories and how we determine severity levels.
Keep your server secure
Learn how to configure security options on your own server.
Latest security news
7 non-negotiable security practices for any cloud product
Implementing security best practices for your cloud products might feel like you’re playing a game of chess against a chess grandmaster. You think you need to know the most complex strategies and plan ten moves in advance, but in reality, you’re playing against a 3rd-grade checkers player.
While sophisticated security attacks do happen, it’s more likely that someone will break into your system using a simple phishing attack or they will crack one easy password and then figure out that people in your organization are using the same passwords over and over.
Behind the scenes of our security incident management process
On the security team, we don’t manage any Atlassian products like other Atlassian teams do. Our main product is trust, and that’s a job that’s never finished.
We’ve published detailed information about how our team responds to security incidents in the Trust section of the website.
Atlassian urges changes to Australia’s Assistance and Access Act
Atlassian, in partnership with advocacy group StartupAUS and other Australian technology companies, has formally submitted a set of recommended improvements to the Telecommunication and Other Legislation Amendment (Assistance and Access) Act 2018, a law that was hastily approved by the Australian government in December 2018.
Atlassian Bug Bash
We invited the world’s best white hat hackers to come to Sydney to help Atlassian break our products.
Atlassian Products & Services and CVE-2018-11235 & CVE-2018-11233
We are aware of several security issues that were recently fixed in Git.
We’re here and ready to answer all of your questions about Atlassian Security.