Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Need inputs on the security measure for SourceTree application

Hi Team,

We are in a process of using SourceTree application in our company but before that we need answer on the following questions:-

QUESTION

 

YES/NO

 

 

 

Does the vendor have a software security program? (Including security testing, risk assessment, architetcural analysis)

 

 

Has the software security program been reviewed by an independent maturity assessment?  (e.g. BSIMM)

 

 

Has your software security program been applied to this product/product suite (including underlying open source)?

 

 

Has this product been independently assessed/certified?  (e.g. Common Criteria)

 

 

Has the product's design/architecture been security assessed?

 

 

Has this product been security tested?

 

 

What types of security testing have been applied to this product/product suite?

 

 

Who performs the security testing for this product/product suite?  Is it independent?

 

 

How often is security testing performed on this product/product suite?

 

 

Do you product auditable outputs from the software security program documenting the identified software security issues?

 

 

Are there security resources that can speak to the software security program and issues in the product/product suite?

 

 

Is there a documented security issue remediation process for this product/product suite with set SLAs?

 

 

What is the SLA for addressing HIGH risk issues in this product once identified?

 

 

What is the SLA for notifying consumers of HIGH risk issues in this product/product suite once identified?

 

 

 

 

1 answer

0 votes
Ana Retamal Atlassian Team Jun 11, 2018

Hi Aditya, we won't be able to provide an itemized response to your questions, Sourcetree is a free product and it's provided "as is".

In regards to the SLA, you can visit the page Atlassian Support Offerings.

For more information, you can have a look at the customer agreement Sourcetree > About Sourcetree > Customer Agreement.

Hope that helps!

Ana

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Sourcetree

Tip from the team: configure your repos for hosting goodness!

Supported Platforms macOS Windows We recently introduced support for additional hosting services such as GitHub Enterprise, GitLab (Cloud, Community Edition, Enterprise Edition), and...

3,274 views 4 5
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you