# Confluence

| Security Control              | Status | Evidence                                                                         |
| ----------------------------- | ------ | -------------------------------------------------------------------------------- |
| Access reviews                | Yes    | <https://www.atlassian.com/software/confluence/security>                         |
| Encryption of data in transit | Yes    | <https://www.atlassian.com/software/confluence/security>                         |
| Encryption of data at rest    | Yes    | <https://www.atlassian.com/software/confluence/security>                         |
| Reviewing of logs             | Yes    | <https://www.atlassian.com/software/confluence/security>                         |
| Vulnerability management      | Yes    | <https://www.atlassian.com/software/confluence/security>                         |
| Backup and restore            | Yes    | <https://www.atlassian.com/software/confluence/security>                         |
| Multi Factor Authentication   | Yes    | <https://www.atlassian.com/software/confluence/security>                         |
| Data cleanse and quality      | N/A    | They don't specifically say that they do this but users can do it on their tool. |

* [ISO/IEC 27001:2013](https://www.atlassian.com/trust/security)
* [SOC 2 Type II](https://www.atlassian.com/trust/security)
* [PCI DSS 3.2](https://www.atlassian.com/trust/security)
* [HIPAA](https://www.atlassian.com/trust/security)
* [CSA STAR Level 2](https://www.atlassian.com/trust/security)
* [FedRAMP Moderate](https://www.atlassian.com/trust/security)