Skip to main content
Skip table of contents

Security Programs

Opus Guard's applications for Atlassian are built upon the Atlassian Forge platform. We work with Atlassian and participate in mandated security programs by Atlassian Marketplace.

CAIQ-Lite Questionnaire

The CAIQ-Lite, which stems from the Consensus Assessments Initiative Questionnaire (CAIQ), provides a condensed approach that streamlines vendor assessment, making it easier for cybersecurity professionals to engage with cloud vendors and enhance their security efforts.

(tick) OpusGuard-CAIQ-Lite-3.1-20240320.xlsx can be downloaded for use in your vendor security assessment.

Atlassian Ecoscanner

Atlassian's Ecoscanner platform is a platform used for performing security scanning against all Marketplace cloud apps on an ongoing basis.

(tick) Opus Guard's Apps are continuously monitored for common security vulnerabilities and we work with Atlassian to keep improving the overall security posture of our Apps.

Atlassian Vulnerability Disclosure Program

Customers and security researchers can report any vulnerability on Atlassian Marketplace Apps via this program.

(tick) Opus Guard's Apps participate the program.

Atlassian Security requirements for Forge apps

(tick) As an Atlassian Marketplace Partner, Opus Guard's Apps adheres to these security requirements.

Atlassian Security Bug Fix Policy

The Security Bug Fix Policy outlines Atlassian's security expectations of developers who host apps on the Atlassian Marketplace, specifically regarding security vulnerabilities.

(tick) Opus Guard follows this policy to ensure our customers' data are protected.

CLOUD FORTIFIED

Atlassian Marketplace provides the Cloud Fortified program and badge to denote apps that have a public Bug Bounty and regularly pass rigorous internal Atlassian Security Reviews.

(tick) All Content Retention Manager applications are Atlassian Cloud Fortified.

RUNS ON ATLASSIAN

Atlassian Marketplace will provide an upcoming 2025 program named Runs on Atlassian. This program and badge is designed to help customers identify apps that a) do not transmit data outside of the Atlassian Cloud and b) provide data residency. Compliance with this program means an app cannot egress any of your data out of your Atlassian site, and is automatically checked by Atlassian.

(tick) All Content Retention Manager applications are already compatible with Runs on Atlassian.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.