Security

Incident response

How QTI Labs prepares for and responds to suspected or confirmed StatusDeck security incidents.

StatusDeck for Jira Cloud Last updated: 12 July 2026

Process

  1. Identify and validate the event.
  2. Classify severity and affected systems.
  3. Contain access, deployment or data exposure.
  4. Preserve relevant evidence and logs.
  5. Investigate root cause and affected customers.
  6. Remediate and validate the fix.
  7. Notify Atlassian, customers or authorities where required.
  8. Perform post-incident review and track corrective actions.

Atlassian coordination

Where an incident affects StatusDeck, Jira data, Forge storage or Marketplace customers, QTI Labs will follow Atlassian's then-current Marketplace incident process and required notification timelines.

Customer notification

Notifications will be based on confirmed facts, legal obligations, contractual requirements, risk to customers and coordination needs. Notices may describe the incident, affected information, containment, recommended actions and remediation status.

Contact

Suspected incidents should be reported to support@qtilabs.com. StatusDeck operational issues may also be sent to marketplace@qtilabs.com.

Effective date: upon first public availability of StatusDeck on the Atlassian Marketplace. Review at least annually and after material product, scope, storage, subprocessor, security or legal changes.