We are in a process of using SourceTree application in our company but before that we need answer on the following questions:-
Does the vendor have a software security program? (Including security testing, risk assessment, architetcural analysis)
Has the software security program been reviewed by an independent maturity assessment? (e.g. BSIMM)
Has your software security program been applied to this product/product suite (including underlying open source)?
Has this product been independently assessed/certified? (e.g. Common Criteria)
Has the product's design/architecture been security assessed?
Has this product been security tested?
What types of security testing have been applied to this product/product suite?
Who performs the security testing for this product/product suite? Is it independent?
How often is security testing performed on this product/product suite?
Do you product auditable outputs from the software security program documenting the identified software security issues?
Are there security resources that can speak to the software security program and issues in the product/product suite?
Is there a documented security issue remediation process for this product/product suite with set SLAs?
What is the SLA for addressing HIGH risk issues in this product once identified?
What is the SLA for notifying consumers of HIGH risk issues in this product/product suite once identified?
Hi Aditya, we won't be able to provide an itemized response to your questions, Sourcetree is a free product and it's provided "as is".
In regards to the SLA, you can visit the page Atlassian Support Offerings.
For more information, you can have a look at the customer agreement Sourcetree > About Sourcetree > Customer Agreement.
Hope that helps!
A vulnerability has been published today in regards to Sourcetree for Windows. The goal of this article is to give you a summary of information we have gathered from Atlassian Community as a st...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event