Security

Security at
Vectanex

Enterprise-grade security powered by Atlassian Forge. Your data's protection is our top priority.

Product-Specific Security

Each of our Jira applications has its own detailed security documentation. Select a product below to view its specific security practices.

Pulse

Sprint health monitoring for Jira

Smart Issue Templates

AI-powered issue templates for Jira

Smart Recurring Tasks

Automated recurring issue creation for Jira

Atlassian Forge Verified

Built on enterprise-grade secure infrastructure

Our Security Approach

Vectanex applications are built and hosted on Atlassian's Forge platform, a secure, serverless environment designed specifically for Jira apps. This architecture provides multiple layers of security that protect your data without requiring you to trust our direct access to it.

As developers, we do not have direct access to your stored data. All data processing occurs within the isolated Forge environment, which is managed and secured by Atlassian's world-class infrastructure team.

Security Features

Multi-layered protection for your data

Atlassian Forge Platform

Built on Atlassian's secure, serverless Forge infrastructure with enterprise-grade security controls

  • Isolated execution environment
  • No direct developer access to your data
  • Automatic security updates and patches
  • Atlassian-managed infrastructure

Data Encryption

Your data is protected with industry-standard encryption at rest and in transit

  • TLS 1.2+ for all data in transit
  • AES-256 encryption at rest
  • Secure API communication protocols
  • Encrypted storage via Forge infrastructure

Data Isolation

Complete data segregation ensures your information remains private and secure

  • Dedicated Forge storage per Jira instance
  • No cross-tenant data access
  • Logical separation of customer data
  • Zero direct database access by developers

Secure Development

Security-first development practices throughout the software lifecycle

  • Pre-deployment code reviews
  • Automated dependency vulnerability scanning
  • Regular security testing and audits
  • Secure coding standards enforcement

Security Practices

How we maintain a secure development environment

Access Control

Strict access management with least-privilege principles

Security Monitoring

Continuous monitoring for threats and anomalies

Dependency Management

Regular updates and vulnerability scanning with npm audit

Incident Response

Defined procedures for security incident handling

Compliance & Standards

We adhere to industry standards and regulatory requirements to ensure your data is handled responsibly.

  • GDPR (General Data Protection Regulation)
  • Atlassian Marketplace Security Requirements
  • OWASP Top 10 Security Standards
  • SOC 2 Type II (via Atlassian infrastructure)
  • Data residency and sovereignty requirements

Note: Compliance certifications (SOC 2, ISO 27001, etc.) are inherited from Atlassian's Forge infrastructure. For detailed compliance documentation, please refer to Atlassian's Trust Center.

Vulnerability Disclosure

We take security vulnerabilities seriously and appreciate the security community's efforts to responsibly disclose issues.

If you discover a security vulnerability, please:

  • Email us at support@vectanex.com with details of the vulnerability
  • Include steps to reproduce the issue and potential impact
  • Allow us reasonable time to address the issue before public disclosure
  • Avoid accessing or modifying data that doesn't belong to you

We commit to acknowledging your report within 48 hours and will work with you to understand and resolve the issue promptly.

Incident Response

In the event of a security incident that may affect your data, we will:

  • 1.
    Immediate Assessment: Quickly assess the scope and impact of the incident
  • 2.
    Containment: Take immediate action to contain and mitigate the incident
  • 3.
    Notification: Notify affected customers in accordance with legal and contractual obligations
  • 4.
    Remediation: Implement fixes and preventive measures to prevent recurrence
  • 5.
    Post-Incident Review: Conduct thorough analysis and update security procedures

Data Security & Privacy

Zero Direct Access: We do not have direct access to your Jira data. All data processing occurs within Atlassian's secure Forge environment, which provides strong isolation between tenants.

Encryption Everywhere: Data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption managed by Atlassian's infrastructure.

Minimal Data Collection: We only collect and process data necessary to provide our Service functionality. No unnecessary personal information is collected or stored.

Data Residency: Your data resides within Atlassian's infrastructure in accordance with your Jira Cloud region settings.

Security Questions?

Have questions about our security practices or need additional information for your compliance requirements?

Email: support@vectanex.com