Security Policy
Security is at the ❤️ of everything we do at Mibex.
As a member of the Atlassian ecosystem since 2014 and as an official Atlassian Gold Marketplace Partner, we participate in several security programs and are constantly verified to uphold best security practices.
Security Programs
Mibex participates in the following security-related programs:
The CAIQ Lite Questionnaire is an industry standard cloud security assessment by the Cloud Security Alliance (CSA).
Mibex has completed the CAIQ Lite questionnaire and makes it publicly available.
Cloud Apps Security Requirements:
A set of requirements every Atlassian Marketplace partner needs to fulfill.
Examples of these requirements are authorization and data protection, vulnerability management, application security and more.
We at Mibex fulfill these requirements and are audited by Atlassian every year.
The Atlassian Ecoscanner validates that all Marketplace apps adhere to the Cloud Apps Security Requirements.
Mibex apps are consistently scanned by it, to get notified early in case any vulnerabilities are detected.
Atlassian defines SLA’s for addressing vulnerablities in their apps all Marketplace partners need to meet. The SLA’s depend on the CVSS score of the detected vulnerability. Mibex follows these SLA’s, which gives our customers the assurance that vulnerabilities are addressed and fixed in a timely manner.
Since 2019, Mibex participates in the Marketplace Bug Bounty program.
Security researchers from around the world are assigned to our Bug Bounty program on BugCrowd to find vulnerabilities in our Cloud and Data Center apps.
The goal is to increase customer confidence in Marketplace apps by providing information for customers to perform security evaluations.