If you’ve spent time evaluating apps in the Atlassian Marketplace, you’ve probably noticed a growing number of trust badges: Built on Forge, Runs on Atlassian, and Cloud Fortified.
For Jira admins, IT approvers, and security teams, these aren’t just marketing stickers. They’re signals that Atlassian is raising the bar for how Marketplace apps are built, hosted, and secured. But what exactly does Runs on Atlassian mean? And how does it change your evaluation process?
Let’s dive in.
What is Runs on Atlassian?
Runs on Atlassian is a trust badge awarded to Marketplace apps that meet strict criteria for cloud-native hosting and operational security. Specifically, an app with this badge:
- Is built on Forge; Atlassian’s serverless development platform.
- Runs entirely within Atlassian’s infrastructure—no third‑party or vendor-managed servers.
- Keeps your data within Atlassian’s secure environment—no data egress to external endpoints.
👉 Learn more about Runs on Atlassian
In short, apps with this badge are designed and hosted in ways that reduce risk, simplify compliance reviews, and give administrators confidence.
Why this matters for Jira Admins and IT Teams
When you evaluate apps, you’re often asked:
- Where is this app hosted?
- Does data leave Atlassian’s environment?
- Will this vendor’s infrastructure meet our compliance needs?
Runs on Atlassian answers many of those questions upfront.
| Connect Apps | Forge Apps | |
|---|---|---|
| Hosting | Vendor-managed infrastructure | Atlassian-managed infrastructure |
| Data flow | Data may pass through or be stored on vendor servers | Data stays within Atlassian cloud |
| Security oversight | Vendor responsible for securing backend | Atlassian enforces security and isolation |
| Performance | Depends on vendor’s infrastructure | Optimized within Atlassian’s environment |
What this means for you:
- Less time validating third‑party hosting.
- Confidence in data residency alignment with Atlassian’s guarantees (EU/US).
🔒 Procurement and Compliance Reviews
Every new app often triggers lengthy security questionnaires and risk assessments.
With Runs on Atlassian apps:
- Many questions are simplified because Atlassian itself is responsible for the infrastructure.
- You can treat these apps as extensions of Atlassian’s environment rather than independent vendors.
- Pro tip: When presenting options internally, highlight apps with the Runs on Atlassian badge to accelerate reviews.
⚙️ Operational Confidence
Apps with the Runs on Atlassian badge must also follow Atlassian’s operational standards. Many of these apps also carry other badges such as Built on Forge and Cloud Fortified, which signal additional trust factors.
How to identify Runs on Atlassian Apps
Knowing what these programs mean is great, but where do you look when you’re actually evaluating apps on the Marketplace?
When you visit an app listing on the Atlassian Marketplace, look near the top of the page, just under the app name and vendor information. You’ll see trust badges like these:
Built on Forge
Indicates the app is developed using Atlassian’s Forge platform. Forge apps run in a secure, Atlassian-managed environment rather than vendor infrastructure.
👉 Learn more about Forge
Runs on Atlassian
Indicates the app is hosted entirely within Atlassian’s infrastructure. Your data never leaves Atlassian’s environment, reducing vendor risk and simplifying compliance.
👉 Learn more about Runs on Atlassian
Cloud Fortified
A separate program signaling that the app meets Atlassian’s highest standards for operational reliability and support, including:
- 24×5 support SLAs
- Performance and reliability monitoring
- Ongoing vulnerability scans
💡 Tip: Hover over each badge on the Marketplace listing to see a description.
🔎 Quick tips when reviewing an app listing
- Check badges first—look for Built on Forge or Runs on Atlassian at the top of the page.
- Review the Privacy & Security tab for data handling details.
- Look for links to a vendor’s Trust Center for deeper documentation.
What it means for your team
- For Jira Admins: Less time investigating infrastructure, more confidence in approving apps.
- For IT Approvers: Faster procurement cycles because many compliance hurdles are already cleared by Atlassian.
- For Security Teams: Reduced vendor surface area and alignment with enterprise-grade cloud practices.
Ricksoft’s commitment
At Ricksoft, we’ve embraced these higher standards because we believe they’re the future of the Atlassian ecosystem. Many of our flagship Jira and Confluence apps already meet these trust signals: Built on Forge, Runs on Atlassian, and Cloud Fortified, with ongoing participation in Atlassian’s Marketplace Security Bug Bounty Program.
👉 See our full list of trusted badges and app details on our Security & Compliance hub
👉 Or explore certifications and documentation at our Ricksoft Trust Center.
Final thoughts
Runs on Atlassian isn’t just a badge, it’s Atlassian signaling a Marketplace shift toward more secure, more transparent, enterprise‑ready apps. Next time you evaluate an app:
- Look for Built on Forge, Runs on Atlassian, and Cloud Fortified badges.
- Use these trust signals to simplify reviews and confidently recommend apps that align with your organization’s security posture.
