This procedure covers steps in case of security incident
immediately report an incident via Atlassian Service Desk
file an internal ticket with priority 'High'
assign an engineer to discover the cause of incident and close the security hole
maintain a communication line to Atlassian via support desk or phone if nedded
depending on the severity of the incident, customers may or may not be directly informed
This policy is reviewed annually and is kept up to date with requirements stated by Atlassian.