Default security settings in Bitbucket

Still need help?

The Atlassian Community is here for you.

Ask the community

This page gathers links to documentation describing default system settings for Bitbucket as a response to the Secure Software Development Framework (SSDF) requirements.

We provide pre-configured solutions with the most secure settings as default. Our mission is to unleash the potential of every team, prioritizing security every step of the way. Bitbucket comes with a set of default settings that provide administrators with the assurance that the product is secured immediately after installation, without requiring any additional steps.

All our Data Center products offer exceptional flexibility in terms of configuration. Many settings can be adjusted during the installation or pre-configuration process. In our commitment to strengthen security measures, we've implemented a range of default settings to mitigate the most common threats and vulnerabilities, thus reducing the risk of unintentionally exposing critical systems due to misconfiguration.

The following settings list with corresponding documentation will assist you in elevating the security level of your Bitbucket instances. Some of the documents below contain child pages. Refer to them as well to enhance the security of your instance.

1. Deployment

This documentation covers the process of deployment and includes: supported platforms, requirements, end-of-life policies, network setup, security protocols, infrastructure configurations, and the installation and configuration of software components such as Java, Tomcat, and databases.

2. Setup

This documentation focuses on configuring Bitbucket after deployment. It includes guides on setting up environments, configuring connection settings, managing data storage, and ensuring that all components support the instance.

3. Authentication, authorization, user management, and security

This documentation relates to securing applications and managing user access. It covers authentication and authorization mechanisms, user management, permissions, and security best practices.

4. Runtime, performance monitoring, and troubleshooting

This documentation focuses on monitoring and maintaining instances after setup. It includes guides on performance monitoring, handling runtime issues, and troubleshooting common problems.

5. Integrations and third-party apps

This documentation covers integrating Bitbucket with other Atlassian products and creating and integrating third-party apps with Bitbucket.

Last modified on Sep 4, 2024

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.