Sprint Creator

Security for Sprint Creator

Automated Sprint Planning for Jira

Last Updated: December 2, 2024

Our Security Commitment

Sprint Creator is built on Atlassian Forge, providing enterprise-grade security for your sprint planning automation. This document outlines our security practices and commitments.

Platform Security

Atlassian Forge Platform

Built on Atlassian's serverless infrastructure with isolated execution environments

Data Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.2+)

Data Isolation

Complete tenant isolation - your data is never accessible to other customers

No Direct Access

Developers cannot directly access your stored data or Jira instance

Data Handling

How we handle your data within Sprint Creator

All data stored exclusively in Atlassian Forge storage

No data exported outside your Jira instance

Data automatically deleted upon app uninstallation

No third-party data sharing or processing

Access Control

Permission-based access management

Respects Jira project permissions and roles

Board-level access controls enforced

Admin-only configuration settings

Audit logs for configuration changes

Secure Development

Security-first development practices

Regular dependency vulnerability scanning

Code reviews for all changes

Automated security testing in CI/CD

Following OWASP secure coding guidelines

Incident Response

Our process for handling security incidents

Detection

Continuous monitoring for anomalies and threats

Assessment

Rapid evaluation of impact and severity

Containment

Immediate action to limit exposure

Communication

Timely notification to affected customers

Report a Security Issue

View on Atlassian Marketplace

Security for Other Products

Recurring Tasks