A few questions about using Sourcetree in corporate environment.
It looks like the SourceTree app requires users to create a Bitbucket account so they can use it and connect it to GitHub, as explained in this guide. Our security team would like to understand whether any data is made available to Atlassian through this process and what sort of data that is. If it includes any personal data, where is this data going to be stored geographically and how can we ensure that we meet our GDPR obligations?
We have also attempted to find information in relation to the security practices followed for SourceTree app, however we have not been able to locate anything specific within your Trust Centre. All certifications published there seem to cover other Atlassian apps but not SourceTree. Can you point us to any other specific resources?
And lastly in some of the previous posts in the community it was mentioned that Sourcetree security advisories are not included in the subscription mailing list which is designed for this purpose. Why is this the case and what is the recommended way of receiving security advisories for the Sourcetree app?
I'll have to circle back on the security sub mailing list question, but in regards to Sourcetree requiring a Bitbucket account:
A vulnerability has been published today in regards to Sourcetree for Windows. The goal of this article is to give you a summary of information we have gathered from Atlassian Community as a st...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event