What you'll learn

Understanding users and user roles in Jira Cloud
Working with projects and project settings
Understanding data in Jira Cloud
Understand the role of Security in System Administration
Understand the role and use of JQL

Course content

6 sections • 39 lectures • 4h 20m total length

Introduction2:05
Basic Setup - What you will need for this course3:10
Set up your Atlassian account and access Jira, Confluence, and related services, then master account and administration settings, with optional free fundamentals and ACP 120 prep for the course.

Lecture - The Risk Landscape8:59
Explore the risk landscape of cloud systems by mapping Atlassian product usage, implementing a layered security model with identity providers, access controls, and automation for Jira, Confluence, and service management.
Hands On - Setup ID Providers4:17
Hands On - Jira Verify Domain-Auth Policies2:36
Lecture - User Provisioning8:34
Lecture - Users and Security Groups8:05
Lecure Atlassian/JIRA Synchronization9:51
Lecture Atlassian Crowd2:48
Hands On - Create Internal Users and Groups4:59
Hands On - Restoring a Suspended User2:28
Atlassian Access8:57
Atlassian access provides a one-stop, identity provider driven solution to manage and enforce security policies at scale, with role-based provisioning, MFA, API tokens, and comprehensive audits.
Chapter 1 Quiz - Working with Users

Systems Policy4:48
Hands On Setting Access Policies5:03
Lecture Confluence Overview7:48
Explore Confluence as a cloud project management and collaboration platform, featuring spaces, page-level permissions, templates, and integration with Jira for scalable security and agile workflows.
Hands On Confluence3:54
Explore how to configure Confluence and Jira admin settings, including site title, languages, attachments, timeouts, and remote APIs, to tailor global templates, HR and ITSM workflows.
Hands On Confluence Setting Permissions3:40
Explore hands-on Confluence space permissions, including setting space settings, managing pages, and applying granular access controls across identity provider, Jira, and integrations such as Slack.
Lecture Jira Service Management11:54
Hands On Jira Service Management4:27
Explore configuring Jira service management by setting product and access permissions, adding service desk team members, managing customer permissions and notifications, and integrating apps like Slack for incident workflows.
Lecture Opsgenie8:31
Lecture Managing Other Apps6:05
Hands On Other Apps Adding Jira to Slack1:40
Learn to connect Jira Cloud with Slack, authorize the integration, and use simple commands to create issues and sync data through encrypted, permission-driven workflows.
Lecture Group Policies10:04
Chapter 2 Quiz

General Threat Surface13:27
Explore the general threat surface of amazon web services, Jira, and users; apply avoidance, acceptance, and mitigation, and use CloudTrail and multi-factor authentication for auditing and risk reduction.
Bug Bounty Program7:44
Lecture and Hands On - JIRA Mitre Att&ck Surface3:44
Hands On adding Att&ck to Jira as a project9:05
Hands On Create an API Token1:22
Security Schemas5:57
Integration into AWS Service Connector6:04
Link AWS security hub and systems manager to Jira service management with the AWS service connector and service catalog. Automate requests, limit provisioning, and monitor governance with CloudWatch.
Jira Workflow through AWS Security Hub7:29
Security and Jira JQL10:09
Core Security Recommendations13:20
Follow Atlassian best practices and map your landscape; implement least privilege, data segregation, identity provider integration, SSO, MFA, and audit service accounts for Jira cloud security.
Chapter 3 Quiz

Lecture Jira Data Management10:36
Learn how Jira cloud data management requires you to own your data, plan backups, and manage data residency, retention, and GDPR considerations across global AWS storage locations.
Lecture Jira Backups6:58
Hands On Creating a Jira Backup2:47
Jira Cloud Architecture17:28
Explore Jira cloud architecture, a cloud-native microservices design on AWS with tenant-isolated data, edge computing, and JWT-based security, enabling scalable compliance with GDPR, HIPAA, SOC 2, ISO 27001.
Jira JQL5:32
Explore how Jira JQL enforces data access through global, project, and issue-level permissions, filtering search results to match each user’s security schema and preventing unauthorized visibility.
Hands on JQL4:02
Chapter 4 Quiz

Requirements

There are no prerequisites for this course

Description

Practical JIRA Security is designed to provide participants with an understanding of security principles and best practices. Students learn to effectively secure JIRA, a widely-used project management, and issue-tracking platform. This course will teach students how to ensure data confidentiality, integrity, and availability within JIRA instances.

In this course, participants will gain a solid understanding of JIRA security. Our first step will be to explore the fundamentals of JIRA and the vulnerabilities that affect them. In this course, students will learn to identify potential security risks and adopt robust security measures. Protecting sensitive information, preventing unauthorized access, and maintaining industry compliance is essential.

Key topics covered in the course include authentication mechanisms, user and group management, secure project configurations, permission schemes, and audit logging. Students will learn how to implement strong user authentication methods, including single sign-on (SSO) integration with external identity providers, to enhance overall system security.

This course will teach you comprehensive strategies for managing users and groups. Participants are able to effectively control access privileges, assign appropriate permissions, and implement the least privilege. The students will explore how to create and manage permission schemes, which ensure that sensitive data and functionality are only accessible to authorized individuals.

Participants will also learn how to configure JIRA projects securely, including setting up project roles, managing workflows, and defining project-level permissions. They will understand the importance of implementing secure workflow transitions, applying appropriate validation rules, and enforcing strict permissions. This will maintain data integrity and prevent unauthorized actions.

In addition, the course covers advanced security features such as secure attachments, secure custom fields, and secure JIRA APIs. Students will learn how to secure file attachments and custom fields to prevent unauthorized access or leakage of confidential information. They will also gain insights into securing JIRA APIs and protecting against potential security vulnerabilities and attacks.

Throughout the course, practical exercises and real-world scenarios will allow participants to apply their knowledge hands-on. They can configure secure JIRA instances, create and manage user accounts, define access controls, and enforce security measures to protect data.

Upon completing the JIRA Security Fundamentals course, participants will deeply understand JIRA security principles, best practices, and techniques. Students will be equipped with the necessary skills to secure JIRA instances effectively. They will also safeguard sensitive information, mitigate potential risks, and maintain compliance within their organizations.

Join us on this comprehensive journey to master JIRA security. This will elevate your ability to safeguard critical data and ensure the integrity of your organization's project management processes.

Who this course is for:

This course is intended for anyone who is interested in Jira, how it works in the cloud, and is in the role of a Jira Administrator with security responsibilities

What you'll learn

Explore related topics

Course content

Introduction2 lectures • 5min

Working with Users10 lectures • 1hr 2min

Working with Policies11 lectures • 1hr 8min

System Admin and Security10 lectures • 1hr 18min

Working with Data and Data Types6 lectures • 47min

Close0

Requirements

Description

Who this course is for: