Here at Atlassian, we aim to be transparent about our security practices, such as how our bug bounty works and how we deal with security incidents. Visit the Atlassian Trust site for details of our pillars of security, reliability, privacy, and compliance.
These guidelines are a resource to help you improve your security profile. These guidelines are not mandatory, and Marketplace vendors aren't required to comply with them. There are, however, mandatory security requirements for cloud apps.
The best practices for developing marketplace apps are listed in Security guidelines for Marketplace apps. These guidelines apply to server and cloud apps.
The Security guidelines for Marketplace vendors provide suggestions for marketplace vendors to harden their production and development infrastructure.