SelectStar Labs Application Support

Overview

Issue Pulse is committed to the highest standards of security and data protection. Built exclusively on Atlassian's Forge platform, our application operates entirely within Atlassian's secure infrastructure, ensuring your data never leaves their trusted environment.

Data Security

Data Processing

All data processing occurs within Atlassian's Forge runtime environment
No customer data is transmitted to external servers
No customer data is stored outside of Atlassian's infrastructure
All operations are performed in isolated, sandboxed environments

Data Storage

Issue Pulse stores only minimal configuration data (rule definitions and user preferences)
All data is stored using Forge's secure storage APIs
No sensitive issue content is duplicated or cached
Configuration data is encrypted at rest using Atlassian's encryption standards

Data Access

Issue Pulse only accesses data explicitly granted through Jira permissions
Respects all existing Jira project and issue-level permissions
No elevated privileges or admin bypass capabilities
Users can only create rules for projects they have access to

Infrastructure Security

Platform Security

Fully hosted on Atlassian Forge platform
Benefits from Atlassian's SOC2 and ISO 27001 certifications
Automatic security updates managed by Atlassian
No separate infrastructure to maintain or secure

Application Isolation

Runs in isolated Forge runtime containers
Cannot access external networks except through approved Atlassian APIs
Cannot execute arbitrary code or system commands
Resource limits enforced by Forge platform

Authentication & Authorization

User Authentication

Leverages Jira's existing authentication mechanisms
No separate passwords or credentials required
No user credentials are stored by Issue Pulse

Authorization

All actions performed under the logged-in user's context
Inherits Jira's permission scheme completely
No ability to bypass Jira security controls
Admin actions require Jira administrator privileges

Compliance

Regulatory Compliance

GDPR compliant - no personal data collected beyond Jira user IDs
No data residency concerns - data remains in your Atlassian region
Supports Atlassian's data residency requirements
No cross-border data transfers

Privacy

No tracking or analytics on customer data
No personal information collected
No data sharing with third parties
No advertising or data monetization

Security Practices

Development Security

Regular security reviews and code audits
Automated vulnerability scanning in CI/CD pipeline
Dependency scanning for known vulnerabilities
Principle of least privilege in all operations

Incident Response

24-hour response time for critical security issues
Direct communication channel for security concerns
Coordinated disclosure with Atlassian security team
Regular security updates and patches

Data Retention & Deletion

Data Retention

Configuration data retained only while app is installed
No historical data accumulation
No backup copies maintained

Data Deletion

Complete data removal upon app uninstallation
No residual data remains after uninstall
Manual data purge available through admin interface
Immediate deletion upon request

Security Features

Audit Logging

All rule changes are logged with user and timestamp
Integration with Jira audit log where available
No ability to modify or delete audit trails
Audit logs retained per Jira's retention policy

Access Controls

Role-based access control for rule management
Project-level isolation of rules
No cross-project data leakage
Secure default configurations

Vulnerability Management

Reporting Security Issues

Security issues can be reported to: support@selectstar.org
CVE disclosure process when required
Transparent security advisory process

Update Process

Critical patches deployed within 48 hours
Regular updates via Forge platform
No customer action required for security updates
Automatic rollback capabilities

Third-Party Security

Dependencies

Minimal third-party dependencies
All dependencies vetted for security
Regular dependency updates
No runtime network calls to third parties

Integrations

Only integrates with official Atlassian APIs
No third-party service integrations
No external webhooks or callbacks
No data synchronization with external systems

Customer Responsibilities

While Issue Pulse maintains strong security standards, customers should:

Maintain secure Jira configurations
Regular review of user access and permissions
Monitor rule configurations for appropriate use
Report any suspected security issues immediately

Security Certifications & Audits

Current Status

Atlassian Forge platform certified
Regular security assessments performed
Available for customer security reviews upon request

Contact Information

Support Contact

Email: support@selectstar.org
Support Portal: https://selectstar.atlassian.net/servicedesk/