Last updated Jun 29, 2021

Rate this page:

Cloud Fortified apps program


Cloud Fortified Apps is the program for a new designation of apps designed to serve our largest customers and those with more business-critical operating requirements when it comes to apps.

The Cloud Fortified Apps Program has 2 key elements:

  1. Eligibility: apps must meet a set of minimum eligibility requirements of enterprise readiness.
    1. Security program participation: Marketplace Security Bug Bounty Program and Security Self-Assessment Program.
    2. Reliability program participation: Core capability SLOs + tests, and incident management.
    3. Support program participation: Provide a support point of contact, and respond to T1 support tickets within 1 day (24 hours), 5 working days a week in Marketplace Partner local timezone.
  2. Visibility and distribution: apps are easier for enterprise customers to find as meeting their needs.
    1. Enhanced visibility in the Marketplace.
    2. Recommended by Atlassian and its partners to Cloud Enterprise customers.

Program vision

Whether customers purchase Standard, Premium, or Enterprise edition, enterprise customers tend to have the most apps and need them even more in order to customise our base products for their unique needs.

And some of those same requirements that enterprise customers have for Atlassian's products apply to apps as well, most commonly across security, reliability, and support.

Our vision is that enterprise customers have Marketplace apps suitable for them. That means:

  1. Enterprise customers can get apps with the** traits** and features that meet their individual needs.
  2. You gain increased status and visibility amongst customers with these greater needs.





Who are Cloud Fortified apps for?

These customers can install Cloud Fortified apps if they choose

Cloud Fortified apps are designed for these customers

Typical customer

  • All teams exploring Atlassian products

  • Small teams getting started

  • Starter tier Server customers exploring cloud capabilities

  • Single team

  • Multiple teams

  • Departments

  • Org wide standardization on Atlassian products across teams of all sizes

  • Global teams distributed across multiple locations

  • Large enterprises

  • Regulated Industries

Target user tier

  • 1-10

  • 10-100s

  • 100s-1,000s

  • 1,000+

Target customers from Server

  • Server starter customers

  • Server customers

  • Server and Data Center customers with 100+ users

  • Server and Data Center customers with 1,000+ users

What are we optimizing to solve for?

  • Small teams to get started easily on our products and see our value prop – whether it's their first Atlassian product or a new Atlassian product they've never used before

  • Deliver core product features and jobs to be done

  • Standard product features that work at scale

  • Advanced product features for more complex use cases and teams

  • Meet IT admin needs with reliability guarantees, unlimited storage, and support

  • Provide admin tools to manage and control the chaos

  • More advanced customization

  • Enterprises consider the business processes supported by Atlassian products to be mission-critical and require higher reliability and data resiliency to ensure business continuity

  • Due to increased regulatory risk, there is a bias toward control over the environment - both from change (when to deploy; what to deploy; how to phase out, etc.) and operational perspective (stability over speed; audit logs; encryption; predictable behavior, evidencing; etc.)

  • Due to the complexity of their environment, there is a bias toward standards and certifications

Program overview

Any cloud app can participate in the program and become a Cloud Fortified app by satisfying the 3 eligibility criteria (farther down). Program participation applies to the entire app, and does not result in a separate Marketplace listing. Here is a direct comparison:


Regular app

Cloud Fortified apps

Program participation









  • Recommended by Atlassian and its partners to Cloud Enterprise customers

  • Enhanced visibility in the Marketplace

Program requirements

To qualify as a Cloud Fortified app, a Marketplace Partner must meet several requirements:

  • Security
  • Reliability
  • Support

Further requirements may be added, and Atlassian will give at least 6 months notice when this occurs.

Reliability requirements

SLOs are not considered breached if due to Atlassian failure.

The Cloud Fortified app program is designed to safeguard customer trust and reduce partner costs by preventing outages from occurring in the first place.

See Cloud Fortified apps program reliability requirements for more details.

Satisfaction of these will need to be documented as part of the initial approval and annual review processes.

Requirement summary

Requirement specifics

Adhere to Service Level Objectives for SLIs defined by Atlassian

  1. Investigate when an SLO breach occurs.

Satisfy production readiness requirements

  1. Assess the scalability and performance characteristics of your app.

  2. Have engineers familiarise themselves with the incident management and post-incident review documentation and processes.

  3. Have a documented service restoration plan.

Have an incident management process

  1. Have engineers respond to high severity incidents using an alerting service such as Opsgenie.

  2. Use/create an Atlassian incident management ticket (“EcoHOT”) as a canonical reference

  3. Complete Incident Reviews after a production incident, including completing issues raised as a result of the review in a timely manner.

Build core capability testing against a Vendor First Release tenant to catch breaking changes before they hit production.

Address deprecation notices within the deprecation period

This requirement is also a benefit as program participants will have access to improved escalation and coordination channels with Atlassian for the benefit of our mutual customers.

Security requirements

See Cloud Fortified apps program security requirements for more details.

  1. Meet all Marketplace Security Bug Bounty Program requirements and,
  2. Complete the Security Self-Assessment Program

Support requirements

See Cloud Fortified apps program support requirements for more details.

The Cloud Fortified apps program aims to ensure a consistent customer experience with minimal partner cost by standardizing minimal expectations for support tickets. Marketplace Partners must:

  1. Provide and maintain a primary point of contact for customer support requests raised via Atlassian support. This point of contact must respond on the Atlassian support ticket.
  2. Commit to responding to customers and Atlassian support within 24 hours for T1 support, 5 days a week in Marketplace Partner local timezone.

Customers remain free to contact partners directly for support; our goal is to standardize the customer experience when they start their support journey with Atlassian, and provide a single source of truth for coordination bbetweenb the partner and Atlassian to resolve customer issues quickly.

Program approval process

See Cloud Fortified apps program approval process for more details.

  1. First, familiarize yourself with the documentation, including this page, the program overview, and its sub-pages.
  2. Then, review the approval checklist to learn about each area to be addressed for approval. A copy is included below for reference.
  3. To express your intention and interest in submitting a Cloud app for approval, please create a ticket on this Service Desk. Initially, you only need to provide a few basic pieces of information to identify yourself and your app.
  4. Next, start working on the requirements and update your app submission form as you progress. When you're ready for someone to review, simply leave a comment on the submission to let us know and we'll take a look.
  5. During the EAP phase, approved apps will held, ready for the program launch. At program launch, and beyond, the marketplace listing for approved apps are updated to indicate the Cloud Fortified app designation and your app will be included in a list of Cloud Fortified in go-to-market materials for our field teams and channel partners.
  6. From time to time we might get in touch to gather feedback, share updates about any upcoming changes that we're exploring for the program, or any upcoming changes that we plan to make.
  7. Your app has an annual review process where we verify that your app is in good order, and any new requirements are met.

Program benefits

Enhanced visibility

Cloud Fortified apps will be recommended by Atlassian to enterprise customers.

Cloud Fortified apps will be more visibly presented to users on the Atlassian Marketplace and in the embedded marketplace within Confluence and Jira. Cloud Fortified apps will have:

  • Dedicated sections
  • Filters for Cloud Fortified apps
  • Explanation of the benefits of choosing Cloud Fortified apps and,
  • Distinctive labels in search results and app listing pages

This will allow customers to easily find and inspect them for suitability, and they'll stand out among other apps.

Enhanced distribution

Cloud Fortified apps will be actively put forward by Atlassian sales teams and included in enablement material used by Solution Partners.

Rate this page: