Security is getting more important every year. Lack of security could mean your data is compromised or leaked to the competitor.
Sometimes it can also happen that the application depending on a insecure library or component can lead to a gap in the security.
To give you an impression on the magnitude of these issues, the amount of security vulnerability issues found in 2017 was more then double in 2016 (source: https://www.cvedetails.com/browse-by-date.php )
And 2018 is on track to continue the trend of more and more security issues to be found.
The good news is that these security issues rarely lead to complete control over the system of data and mostly are very difficult to exploit or take expertise to execute.
For customers who don’t want to spend time preparing and rolling-out upgrades Atlassian has recently introduced “Enterprise Release” for JIRA and Confluence.
These Enterprise Releases are specific versions where bug- and maintenance fixes are applied to. But still respect the regular End-of-Life (EOL) dates (2 years after release)
This is an ideal way to stay secure with the least of the effort. When running the JIRA or Confluence Datacenter edition the upgrades for Enterprise Releases can be done with Zero Downtime.
The first Enterprise Release versions for JIRA and Confluence are 7.6 and 6.6 . More information about the Datacenter offerings of Atlassian can be found here.
Please feel free to reach out to us with any questions about this topic and let TMC ALM advise you on this topic.
TMC ALM has proven experience in maintaining, securing and supporting the Atlassian tool stacks.