Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

When you use our apps, we may collect anonymous usage data and analytics information for auditing, security purposes, improving our product, bugs bug resolution and customer support assistance.

...

Managing Security Vulnerabilities

Our apps are subject to the Atlassian Security Programs and adhere to all requirements Atlassian imposes on incident management.

Our infrastructure is constantly monitored by the Atlassian Vulnerability Scanning Program EcoScannerWe constantly monitor for vulnerabilities in our apps through automated scanning tools and periodic audits.
Security vulnerabilities, when found, get the highest priority and are fixed based on the required Security Bug Fix Policy For Marketplace Appsfollowing timelines:

Severity

CVSS Score

Timeframe for resolution

Critical

CVSS v3 >= 9.0

Fixed within 4 weeks of being reported or triaged.

High

CVSS v3 >= 7.0

Fixed within 6 weeks of being reported or triaged.

Medium

CVSS v3 >= 4.0

Fixed within 8 weeks of being reported or triaged.

Low

CVSS v3 < 4.0

Fixed within 25 weeks of being reported or triaged.

Development and Support Team

...