Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Status of Compliance and Security (Pentest, etc.) Documentation for Atlas

alex
alex September 30, 2022

Hi Atlassian team

Thanks for creating so many helpful articles regarding this beta product.

Currently, the company I work for is conducting a vendor risk management evaluation on the Atlas product for consideration within our organisation.
In trying to contact Atlas Support, I was redirected to this forum site.

I noticed you mentioned in some documentation (thanks to a different post) that there are many integrations with other products. Are these integrations developed and tested similarly to production applications (such as JIRA's, e.g. GitHub integration) to ensure that they securely transfer sensitive corporate data (such as our source code)?

In the broader sense of the question, is a penetration test available to be sent to our organisation regarding this product?

Further, the Atlassian compliance page has many compliance certifications, including SOC2 and ISO 27001. Compass is listed on these pages as the only Beta product certified for both. Is Atlas currently or soon scheduled to undergo similar compliance evaluations?

Regards,

Comment
Watch
Like # people like this
819 views

2 comments

Comment

Log in or Sign up to comment
alex
alex September 30, 2022

After reading this post, I noticed that RBAC and limiting visibility to boards and project updates are unavailable.

We would like to see this ability in the future, not only to better meet privacy and security compliance requirements but also to have the ability to use the product to report high-level updates about specific sensitive incidents between one or many (but not all) departments of the organisation, without needing to create multiple levels of issue security groups in JIRA and applying those to individual JIRA tickets.

Appreciate the help and look forwards to hearing back.

~ Alex

Like Jimi Wikman likes this
Reply
Sherif Mansour
Sherif Mansour
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 12, 2022

As of this morning we've released Private Projects which allow you to restrict visibility of projects to specific users. We currently don't support group-level visibility but I suspect we will need to get there sometime as well. 

Learn more here: https://intercom.help/atlas-by-atlassian/en/articles/6403749-restrict-the-viewing-and-editing-of-projects 

Like
Sherif Mansour
Sherif Mansour
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 12, 2022

Thanks for your question and feedback Alex!

RE: Integrations

  • Yes, they are all developed securely. In fact the majority of them e.g. Github, Asana, Figma etc..) is the same smart cards integrated in Jira Software, Confluence, Jira Service Management, Trello and so forth. If you use an Atlassian product in the cloud today chances are you already use those integrations. 

RE SOC2 and ISO27k

Like Justin Koke likes this
Reply
Justin Koke
Justin Koke October 13, 2022

Thanks for the update @Sherif Mansour i can’t start an adoption process at Algolia until this comes through. Keep us in the loop, and chat soon 👍🙌

Like
groups-icon
Atlas Group
TAGS
AUG Leaders

Atlassian Community Events

    See all events