ScriptRunner trust and security
Proudly part of The Adaptavist Group, ScriptRunner upholds the highest standards for safety and security. Here's what you need to know about our credentials and policies.
How safe is ScriptRunner?
You need tools you can trust. It's our top priority to keep your data safe, and the entire ScriptRunner suite is built with enterprise-grade security at its core. But you don't just have to take our word for it—our security credentials are industry-leading and independently verified.
ISO 27001
ISO 27001 is a prestigious international standard for information security, confirming that we meet the International Standards Organization (ISO) and International Electrotechnical Commission's (IEC) stated requirements for all aspects of cybersecurity and data privacy.
SOC 2 Type 2 audit report
The SOC 2 Type 2 audit report assesses the implementation and effectiveness of our security controls over an extended period of time, offering reassurance that your information is appropriately protected by us on an ongoing basis.
As part of The Adaptavist Group, you can view our most up-to-date security credentials at any time by visiting The Adaptavist Group Trust Center.
Taking your security seriously
Beyond credentials, you can rest easy knowing that the ScriptRunner logo means robust security culture and practices across the board. For your peace of mind, here are the answers to some frequently asked questions.
How long does ScriptRunner keep my personal data?
In line with data protection laws in the countries where we operate, we only keep your personal data for as long as we need it to fulfil the purpose it was collected for—unless we have a legal obligation to keep it for longer.
More information about our use of your data can be found in The Adaptavist Group privacy policy.
How long does ScriptRunner keep my user-generated data, like scripts and logs, after I've uninstalled the product?
Once ScriptRunner has been uninstalled, user-generated data is kept for a maximum of 90 days for backup purposes.
Could a ScriptRunner error damage my data? How do you prevent that?
Errors of this nature are rare. Our product teams take several important steps to help ensure that your data remains secure and protected, even if an error occurs:
- Code reviews: We carefully peer-review our code to catch any issues before they can cause problems.
- Automated testing: We run our software through a series of automated tests in different environments before we release it, to make sure it works smoothly.
- Vulnerability scanning: We regularly and automatically scan for security weaknesses and keep our software updated to close any gaps.
- Manual QA testing: Our team of testers manually checks the software to ensure it meets our high standards.
- Regular production testing: We perform automated tests even after the software is live to catch any unforeseen issues early.
- Error monitoring: We keep an eye on the software in real time to quickly address any errors that may pop up.
- Security awareness training and internal audits: We conduct regular training sessions to keep our product team informed about the latest security practices and perform regular internal audits to ensure compliance with security protocols and standards.
- Disaster recovery readiness: In case of a significant unforeseen problem, we have a robust backup system, in line with the same security measures and accreditations detailed above, to get things back up and running without loss of data.
Privacy and protection within ScriptRunner Cloud products
The following pages have product-specific information about ScriptRunner for Jira Cloud, ScriptRunner for Confluence Cloud, and ScriptRunner Connect.
Other resources
For further information relevant to your use of ScriptRunner products, you may find the following pages helpful.
If you have questions we haven't answered here, we'd be happy to help.
Book a meeting with our Customer Success Team to chat through your requirements.
