Security posture
- Read-only access against supported Jira configuration surfaces
- No mutation of Jira permissions, groups, users, roles, or schemes
- Administrative actions around stored data are explicit and auditable
Security
Read-only posture, scoped storage, explicit reporting path.
The product is designed for review before change. The security posture is aligned to that model: no Jira mutation, tenant-scoped handling, auditable actions, and public disclosure contact.
Stored data
- Scan snapshots and findings
- Baseline history and diffs
- Policy and exception records
- Audit and export metadata required for app features
Retention and deletion
- Retention controls are exposed in the app
- Scoped and site-wide cleanup actions are explicit and warning-heavy
- Evidence handling is designed to preserve review integrity while still allowing cleanup
Disclosure path
Send vulnerability or incident reports to support@unitlane.net.
Preferred details: impact, affected tenant or site, Run ID or Scan ID, UTC timestamp, and reproduction steps.