Marketplace App Security

Trust, security, and privacy are cornerstones of the relationship between Atlassian customers and our third-party Marketplace app partners.

Security Programs

Get peace of mind knowing that your data is secure. Our Marketplace security programs hold Marketplace partners to the highest standards for application security. 

Bugcroud logo

Marketplace Bug Bounty Program

Atlassian has a best-in-class marketplace bug bounty program to increase security and trust for all Marketplace apps. Participating Marketplace Partners are able to proactively combat security risks before they arise by incentivizing security researchers to find vulnerabilities. To get a Cloud Security Participant badge, apps must participate in this program.

Code review illustration


Atlassian’s Ecoscanner platform performs security checks across all Marketplace cloud apps on an ongoing basis. With Ecoscanner, Atlassian continuously monitors all Marketplace cloud apps for common security vulnerabilities to ensure the security of our ecosystem.

Apps illustration

Vulnerability Disclosure Program

The Vulnerability Disclosure Program provides another channel for customers or security researchers to report cloud app vulnerabilities to Atlassian and to Marketplace Partners. Atlassian runs this program and defines the parameters so that all cloud apps can mitigate security risks.

Cloud with key in lock

Cloud App Security Requirements

Atlassian has defined a minimum set of requirements that all Marketplace apps must meet. These requirements are mandatory and are aimed at enforcing security best practices across all apps.

Bug with x

Security Bug Fix Policy

In order to ensure the security of all apps in the Atlassian ecosystem, all Marketplace Partners are required to adhere to security bug fix SLAs for any app listed on the Atlassian Marketplace. If a vulnerability is detected, partners are required to address it in a timely manner.

Clipboard with list of names

Security Self-Assessment Program

The Marketplace Self-Assessment Program is a collaboration between Atlassian and app partners to improve security practices for cloud apps. Program participants complete an annual security assessment that Atlassian reviews and approves. To get a Cloud Security Participant badge, apps must participate in this program.

App Privacy

The Atlassian Marketplace is committed to ensuring customer information shared with third-party app partners remains private in accordance with government regulations.

Radar icon

App privacy policies

Atlassian ensures that every app partner on the Marketplace has its own individual privacy policy and end-user license agreement on each app listing. Each policy outlines what data an app will collect, how that data is being used, and who will have access to that information.

Lock icon

GDPR compliance

Atlassian keeps customer information private by masking user information in the APIs in accordance with GDPR. All Atlassian Marketplace apps will only have access to personal data that is set by a user to public. Users are given direct control over visibility of their personal data and can chose to restrict access to it at anytime.

Get more visibility into our cloud platform roadmap

We're committed to providing visibility into our upcoming security, compliance, privacy, and reliability releases wherever possible.

Cloud platform roadmap (Track, Plan, and Support)

We’re here and ready to answer all of your questions.

Trust & Security Community

Join the Trust & Security group on the Atlassian Community to hear directly from our Security team and share information, tips, and best practices for using Atlassian products in a secure and reliable way.

Atlassian Support

Reach out to one of our highly-trained support engineers to get answers to your most specific security questions. You may find the answers to many of your questions on our pre-filled security questionnaires.