Security

Report a vulnerability

We love hearing about ways we can improve the security of our products. Our commitment to delivering awesome and secure software for our customers is aided by our researcher community – so thanks in advance! Plus you could get recognized in our Hall of Fame.

Report a vulnerability

Report an incident

Notice a compromise of our products or services? We want to know. We’re committed to responding to security incidents consistently and comprehensively. We’ll always listen and treat your report with respect..

Report an incident

Atlassian Security Hall of Fame

We would like to thank the people who have responsibly disclosed vulnerabilities to us.

Hall of Fame

Server configuration guides

Using our solutions on the server at your place? Here’s how to set up the security options.
Atlassian Cloud customer? Don’t worry, we’ve done this already!

Confluence

Learn More

JIRA

Learn More

Bitbucket

Learn More

Bamboo

Learn More

Fisheye

Learn More

Security advisories

These advisories are generally just for the server at your place, our Atlassian Cloud is updated automatically.
We release critical Security Advisories on the 3rd Wednesday of the month for Server products. Learn about how & when publish security advisories or about how we determine the severity levels.

July 2016

 Bamboo

June 2016

 Bitbucket Cloud

May 2016

 HipChat

January 2016

 Bamboo

December 2015

 JIRA

October 2015

 Bamboo

August 2015

 JIRA and HipChat for JIRA plugin

Previous Security Advisories

 JIRA Confluence Bamboo Stash Fisheye Crucible

Security policies

We are open and transparent with our program and our security policies to help you understand how we manage our products and services.

Cloud
Security Statement

Our Atlassian Cloud Security Statement details many of the questions that we receive from customers about how we run and secure our Cloud Services.

Read the policy

Security
Bug Fix Policy

Atlassian makes it a priority to ensure that customers’ systems cannot be compromised by exploiting vulnerabilities in Atlassian products.

Read the policy

Security Advisory
Publishing Policy

Our Advisory Publishing Policy
is how we notify customers when a critical security vulnerability in an Atlassian product is discovered and resolved.

Read the policy

Verified by MonsterInsights