...
This document describes our security policy. We cannot guarantee that no leak will ever happen, but we do our best to keep your data safe.
Published annexes
...
Participation to Atlassian's bug bounty program, vulnerabilities reported by Atlassian themselves, and obviously we'll also listen to vulnerabilities reported by external people,
Regular pentests (Once a year - Please check out our last security audit - Cloud (1419/0712/20222023)),
NPM's automatic tool (npm audit),
Maven's automatic tool (Maven Dependency Check, which uses the NIST / OWASP database and also detects NPM-related vulnerabilities).
...
Every year, we perform a security audit with an external third-party. We've published the result of the last audit on this page: Security audit (1419/0712/20222023).