How to Report a Security Issue
We love hearing about ways we can improve the security of our products and services. Our commitment to delivering awesome and secure software for our customers is aided by our researcher community - so thanks in advance!
Reporting a security vulnerability
Discovered a security vulnerability? Disclose it to us via the Atlassian Security Service Desk. If your vulnerability discovery is new to us, we will reward you with a coupon to get Atlassian Swag. Depending on what you discover, you may go onto the Atlassian Hall of Fame.
We do have specific things we are (and are not) looking for - so check Vulnerability Information - what are we looking for? before you submit.
To get the most from the Atlassian Security Service Desk we do ask you to register (all we need is an email address so we can communicate with you) - and you can then keep track of how your issue is progressing.
There is always the option to email as well to firstname.lastname@example.org (but for service priority and swag rewards - please use our Service Desk). You can find our PGP key at https://www.atlassian.com/trust/security/pgp-security/.