Atlassian

Atlassian

Search the Trust Center...
Ctrl +K

Atlassian | Trust Center

Everything you need to complete your security review is here. Browse documents, certifications, and compliance details with confidence. Our Trust Center is regularly updated to reflect the latest audit results, and subprocessor disclosures.


Announcements

Atlassian Guard: Trust FAQ

Atlassian has published a new document, Atlassian Guard: Trust FAQ, which addresses many common security and compliance questions customers have about Atlassian Guard. It covers how Guard is secured and independently verified (SOC 2, ISO 27001), the types of customer data Guard Premium collects and where it's stored, controls available to govern third-party Marketplace apps, and how Guard integrates with existing security tools like Okta, Azure AD, and SIEMs. It's designed as a companion to the "Atlassian Cloud: Guide to Built-in Security Controls" white-paper, helping security teams and IT leaders evaluate Guard's trust posture and support internal risk reviews.

Please access the FAQ here:
Atlassian Guard: Trust FAQ


Atlassian Cloud: Guide to Built-in Security Controls

Atlassian has published a new white paper, "Atlassian Cloud: Guide to Built-in Security Controls," describing the security controls available to you across our Cloud Platform, Guard Standard, and Guard Premium plans - including SSO, audit logging, content scanning, and more.

It includes guidance on choosing the right Atlassian Guard plan based on your organization's needs, as well as how built-in controls can support your security, privacy, and compliance, requirements under Atlassian's shared responsibility model, - enabling you migrate and scale in Atlassian Cloud with confidence.

Please access the white paper here:
Atlassian Cloud: Guide to Built-in Security Controls


Rovo - Atlassian’s Secure AI Architecture v2 is published!

Atlassian updated its guidance on Rovo’s secure AI architecture to reflect the latest developments, helping customers understand how Atlassian safeguards data and enabling effective AI adoption. You can read the white paper here:

Rovo - Atlassian’s Secure AI Architecture v2


Security and Compliance Overview for Loom

Atlassian has published a new white paper, "Security and Compliance Overview for Loom AI", which provides a comprehensive guide for IT leaders and security teams evaluating Loom's AI-powered features. It covers how Loom AI processes data with zero retention by sub-processors, the security architecture including encryption and Zero Trust access controls, compliance certifications (SOC 2, ISO 27001, GDPR), granular admin controls integrated with Atlassian Guard, and a step-by-step rollout framework to help organizations enable AI video collaboration safely and confidently.

Please access the white paper here:
Security and Compliance Overview for Loom


OWASP Top 10 for LLM Applications and Atlassian's Approach

Atlassian has published a new white paper, “OWASP Top 10 For LLM & Atlassian’s Mitigations”, which explains how Atlassian is addressing the leading security risks for AI and large language model applications, including prompt injection, data poisoning, misinformation, and more. It outlines the concrete controls implemented across Rovo and Atlassian Cloud platform, such as secure-by-design architecture, permission-aware retrieval, supplier governance, and testing practices to help customers adopt AI safely and responsibly.

Please access the white paper here:
OWASP Top 10 for LLM Applications & Atlassian's Mitigations


Atlassian Rovo MCP Server Security White Paper

Atlassian has published the Atlassian Rovo MCP Server white paper, a deep dive into how our managed MCP Server securely connects AI clients to Atlassian Cloud apps. It explains our security, trust, and governance approach—including authentication, permissions, data protection, admin controls, and mitigations for common AI-related risks—to help you confidently adopt AI solutions while maintaining enterprise-grade guardrails around your data.

You can access the white paper here:
Atlassian Rovo MCP Server Security Measures & Guidance


Data Protection, Data Isolation, Data Access White Paper

Atlassian has published a new white paper detailing our approach to data protection, data isolation, and data access across the Atlassian platform and apps. This paper is designed to help customers evaluate Atlassian’s security and trust posture and support their internal risk and compliance reviews.

Please access the white paper here:
Atlassian Trust - Data Protection, Data Isolation, Data Access White Paper


Status of Upcoming SOC 2 Report and Timeline

Atlassian is currently in the process of issuing our updated FY26 SOC 2 Type 2 reports, covering the audit review period from October 1, 2024, to September 30, 2025. The report is expected to be issued by the end of the calendar year (December 2025), with the Bridge Letters to follow in early 2026. We appreciate your patience as our auditors complete their review and finalize the report. For now the SOC 2 report and Bridge Letter available under the Compliance Reports folder are the most current, and valid through the end of the year.

We encourage you to subscribe to updates to this Trust Portal in order to be notified once the new SOC 2 reports are posted.


Rovo: Atlassian’s Secure AI Architecture is live!

Atlassian has prepared detailed guidance on Rovo’s secure AI architecture to help customers understand how Atlassian safeguards data, enabling effective AI adoption. Please visit our link here:
Rovo - Atlassian’s Secure AI Architecture


Rovo: AI Trust Customer FAQ is live!

This resource details how Atlassian can help ensure you comply with the EU AI Act when using our product and services. Please visit our link here::
Rovo - AI Trust Customer FAQ


DORA Guidance is Live!

Atlassian has prepared detailed guidance to help our customers understand how Atlassian addresses key DORA requirements. Please visit our link here: https://www.atlassian.com/trust/compliance/resources/dora


Atlassian Security Advisories and Bulletins

Atlassian Security Advisories for Atlassian Data Center products are released on Tuesdays. Security Bulletins are released on the third Tuesday of every month. All are published here:
https://www.atlassian.com/trust/security/advisories

To search previous disclosures, see our Vulnerability Disclosure Portal:
https://www.atlassian.com/trust/data-protection/vulnerabilities



Badges

iso-27001
ISO 27001
gdpr
GDPR
iso-27018
ISO 27018
fedramp
FedRAMP
eu-us-data-privacy
EU-US DPF
tisax
TISAX
vpat
VPAT
stateramp
GovRAMP

Quick Summary

One or more annual third-party audit(s)

Has a formal mobile device management (MDM) program

Annual third-party penetration testing

Has a disaster recovery plan

Has cyber insurance

Uses a centralized IAM solution (SSO) to manage employee access


Documents & Knowledge Base FAQs


Featured Documents


Trusted by

United Airlines
Dropbox
Reddit
Avalara
Castlight
Klarna
HubSpot
Splunk
Slack
Zoom
Udemy Inc
Powered by Conveyor, the first end-to-end customer trust platform.
Learn more