...
When you use our apps, we may collect anonymous usage data and analytics information for auditing, security purposes, improving our product, bugs bug resolution and customer support assistance.
...
Managing Security Vulnerabilities
Our apps are subject to the Atlassian Security Programs and adhere to all requirements Atlassian imposes on incident management.
Our infrastructure is constantly monitored by the Atlassian Vulnerability Scanning Program EcoScannerWe constantly monitor for vulnerabilities in our apps through automated scanning tools and periodic audits.
Security vulnerabilities, when found, get the highest priority and are fixed based on the required Security Bug Fix Policy For Marketplace Appsfollowing timelines:
Severity | CVSS Score | Timeframe for resolution |
---|---|---|
Critical | CVSS v3 >= 9.0 | Fixed within 4 weeks of being reported or triaged. |
High | CVSS v3 >= 7.0 | Fixed within 6 weeks of being reported or triaged. |
Medium | CVSS v3 >= 4.0 | Fixed within 8 weeks of being reported or triaged. |
Low | CVSS v3 < 4.0 | Fixed within 25 weeks of being reported or triaged. |
Development and Support Team
...