1a. Customer Data
Releases follow our Software Development Process described here: https://rixter.atlassian.net/wiki/spaces/RP/pages/1197539357
No, external audits have been done. We do internal audits so far.
We have done security pen-tests on some products to find wholes. This is not a regular task, more case by case or in a procurement process. The tests is the top 10 OWASP security vulnerabilities
External pen tester has been utilized for Integrations Hub for Jira
Notifications is done by any employee submitting a request Atlassian
11. Managing Security Vulnerabilities
12. Disaster Recovery
DC apps are handled by the customer.
Protected Fields is handled by Atlassian since it is a Forge App
Integrations Hub for Jira Cloud is handled by Rixter AB
13. Data Recovery
For Protected Fields, Inbox for Jira and Integrations Hub (DC):
We don´t have access to any customer environment to conduct such activity.