building-trust-through-transparency-capable-commitment-to-security

Building Trust Through Transparency: Capable's Commitment to Security

February 23, 2026

At Capable, trust isn't just a value - it's the foundation everything is built on. The apps that thousands of teams rely on every day inside Confluence and Jira must meet the highest standards of security, privacy, and reliability. That's why a new chapter is beginning: one centred on earning trust through transparency, verified compliance, and continuous investment in security.

Today marks the announcement of two milestones: Capable has achieved Cyber Essentials certification, and a brand-new Trust Center is now live at trust.gocapable.com.

Why Trust Matters in the Atlassian Ecosystem

When organisations install a marketplace app, they're making a decision that goes beyond features and functionality - they're placing confidence in a vendor to protect their data, maintain uptime, and operate with integrity. For SaaS companies, trust is the differentiator. Prospects want to see proof, not just promises, and strong security and privacy posture through transparency stands out as more reliable and credible in a crowded market.​

Capable apps already participate in the Atlassian Marketplace Security Programme, carry Atlassian Fortified status, and are enrolled in Atlassian's bug bounty programme through Bugcrowd. But a commitment to security doesn't stand still - it grows. That growth starts today.

Cyber Essentials: The First Certification

Capable is proud to have achieved Cyber Essentials certification - a UK Government-backed scheme overseen by the National Cyber Security Centre (NCSC) that establishes a baseline of good cyber security practice. The scheme is built around five key technical controls:

  • Firewalls and Internet Gateways - ensuring proper barriers between connected devices and the public internet
  • Secure Configuration - maintaining hardened settings, strong authentication, and disabling unnecessary services
  • User Access Control - enforcing least-privilege access so users only have the minimum permissions they need
  • Malware Protection - deploying anti-malware solutions to detect and prevent malicious code
  • Security Update Management - regularly installing the latest security patches across all systems

Achieving this certification is a statement of intent. It demonstrates that Capable takes cyber security seriously and is taking the necessary steps to keep customer data safe. It also provides a solid, independently recognised foundation to build upon as the compliance journey continues.​

Introducing the Capable Trust Center

Alongside this certification, the new Capable Trust Center is now live. A trust center is a centralised hub that puts transparency and credibility at the forefront of the customer experience - and that's exactly what this is designed to do.​

The Trust Center gives customers, prospects, and partners a single place to:

  • View current certifications and compliance status
  • Access security and privacy policies
  • Understand data protection practices
  • Track the compliance journey as it evolves

Rather than responding to security questionnaires one at a time or scattering documentation across emails and PDFs, the Trust Center consolidates everything in one transparent, always-available location. It answers questions proactively, shortening due diligence cycles and giving teams confidence that their data is in safe hands.

This isn't a static page - it's a living resource that will be updated as new certifications are earned, new policies are published, and new security milestones are reached.

What's Next: The Road to SOC 2

Cyber Essentials is the beginning, not the destination. The next major milestone on the compliance roadmap is SOC 2 - the industry-standard framework for SaaS companies that evaluates controls across security, availability, processing integrity, confidentiality, and privacy.​

SOC 2 compliance demonstrates how a service reduces risk and maintains system reliability, extending beyond tool configurations to showcase leadership oversight and operational maturity. For enterprise buyers and security-conscious teams, it's the gold standard of assurance.

Work toward SOC 2 is planned to begin later this year, and progress will be shared openly through the Trust Center as the journey unfolds.

A Culture of Transparency

This investment in compliance isn't driven by a checkbox mentality. It's rooted in a genuine belief that trust is earned through consistency, transparency, and proof. Every customer who installs a Capable app deserves to know exactly how their data is handled, what controls are in place, and where the security programme is headed.​

The Trust Center at trust.gocapable.com is the public commitment to that principle. It will grow and evolve - just as the security posture will - and customers are invited to follow along every step of the way.

Popular Articles

Approval

Refined × Capable: From Draft to Branded Perfection

Read More
Confluence

Capable for Confluence 2.0: We Just Leveled Up

Read More
News

KCS and the AI Revolution: Better Knowledge, Smarter Service

Read More
Approval

✅ Approval Festival 25: A Retrospective

Read More
Formatting

New Capable Macros That Supercharge Confluence

Read More
Approval

Smarter Content Management Starts Here: Introducing Our Latest Dashboards

Read More
Technology

The Strategic Power of KCS

Read More
Products
Confluence appsJira apps
monday.com apps
Solutions
KCSEngineeringMarketingBrandITSMHRCapable × Refined Sites
Resources
BlogDocumentationBook a demoMigrate to CapableCompare savingsRoadmap
About
Privacy policyData protectionSecurityEULAContact usTrust centerAbout us
Atlassian Marketplace Partner
Capable Works Limited © 2026 • All rights reserved