[Bamboo Knowledge Base]
As a distributed application, Bamboo's security is important. This page contains links to security-related information in the Bamboo documentation.
For information on how to report a security vulnerability in Bamboo and our policy on security advisories and patches, please read Bamboo security advisories. A full list of security advisories that we have previously issued is also available on that page.
For information on Bamboo's internal security model, i.e. user management and permissions, please see Users and permissions.
Please note the following security implications when enabling remote agents for Bamboo:
We strongly recommend that you do not enable remote agent installation on any Bamboo instance accessible from a public or untrusted network. Creating remote agents is Disabling and enabling remote agents support by default.
The following pages contain information on how to configure Bamboo features that can permit/forbid access to the Bamboo application.