Trust @ Atlassian

Our goal is to build trust with every team. You'll find this at the center of everything we do. 


Trust begins with security.  We will be consistent in how we respond if we encounter a security vulnerability or incident, and be transparent about our program.  Security will not be a barrier to adopting our software and services. 

Learn more


You own your data, and we're committed to protecting your privacy. Our Privacy Policy explains what information we collect about you and why, what we do with that information, how we share it, and how we handle the content you place in our products and services. Our Guidelines for Law Enforcement Requests outlines our process for how we receive, scrutinize, and respond to government requests for customer information.


We get it, you need to validate compliance to trust a cloud service provider. We encourage and expect you to verify that our risk, privacy and security practices adhere to widely accepted standards and regulations. Our independent third-party advisors test our operations, our environment and our controls and provide their reports and opinions — which we share with you whenever possible.

Learn More


We understand that in order for a cloud service to be useful, it has to be available. That starts with ensuring that services are built on top of a solid platform of core technologies, that we are proactive about hunting down possible points of failure, and we stress-test relentlessly. We publish our service availability status in real-time to ensure you can access your data when you want. 


Atlassian’s QA team works with our development teams to ship features quickly and safely. At Atlassian, we optimized the QA process by empowering and educating developers to test their own features to our quality standards.

Frequently asked questions

Is our data encrypted? How are our passwords stored? Find the answers to these and more by visiting our Frequently Asked Questions.

Read the FAQ

We have a lot to say about trust

Here at Atlassian, we love to talk about what we do.  What's the latest?  Have a read below. 

Apache Struts 2 Remote Code Execution - CVE-2017-5638

Atlassian has released updates to HipChat Server, Bamboo and Crowd in response to the Struts vulnerability announced on March 10th, 2017. All customers are advised to review the Advisories and update their software accordingly. 

Atlassian, Trust, and the Cloud Security Alliance

We have launched our new Trust @ Atlassian site to make it easier to find the information you need to trust Atlassian products and cloud services.  We have Security at the heart of that trust relationship but also know that Quality, Availability, Privacy and Compliance are important.  

Continue reading

Git – CVE‑2016‑2315 and CVE-2016-2324 Advisory

We have reviewed the issues described in the Git vulnerabilities CVE‑2016‑2315 & CVE-2016-2324 and released updates to affected products to fix the vulnerabilities.

Continue reading

Atlassian stands with Apple to support user data security

Our customers’ trust in Atlassian is essential to our business, and we have to continually earn that trust by respecting their privacy and securely maintaining their data. This is exactly why we are proud to join Airbnb, Automattic, CloudFlare, eBay, GitHub, Kickstarter, LinkedIn, Mapbox, Medium, Meetup, Reddit, Square, Squarespace, Twilio, Twitter, and Wickr as Amici Curiae on a brief supporting Apple and opposing the FBI’s request for any sort of backdoor to make it easier to access customers’ iPhones and get access to their data.

Continue reading

OpenSSL Security Advisory

Following on from the announcement from the OpenSSL team today, we have been assessing the impact to Atlassian Cloud, and our customers, and are deploying updated SSL versions as needed. 

Continue reading

CVE-2015-7547 Advisory

We have reviewed the issues described in Google’s CVE-2015-7547 Advisory from February 17 and found that a very small part of our environment was affected.

Continue reading

Atlassian update for Git and Mercurial vulnerability

The maintainers of the Git and Mercurial open source projects have identified a vulnerability in the Git and Mercurial clients for Macintosh and Windows operating systems that could allow critical files to be overwritten with unwanted files, including executables.

Continue reading