Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,465,022
Community Members
 
Community Events
176
Community Groups

Status of Compliance and Security (Pentest, etc.) Documentation for Atlas

alex I'm New Here Sep 30, 2022

Hi Atlassian team

Thanks for creating so many helpful articles regarding this beta product.

Currently, the company I work for is conducting a vendor risk management evaluation on the Atlas product for consideration within our organisation.
In trying to contact Atlas Support, I was redirected to this forum site.

I noticed you mentioned in some documentation (thanks to a different post) that there are many integrations with other products. Are these integrations developed and tested similarly to production applications (such as JIRA's, e.g. GitHub integration) to ensure that they securely transfer sensitive corporate data (such as our source code)?

In the broader sense of the question, is a penetration test available to be sent to our organisation regarding this product?

Further, the Atlassian compliance page has many compliance certifications, including SOC2 and ISO 27001. Compass is listed on these pages as the only Beta product certified for both. Is Atlas currently or soon scheduled to undergo similar compliance evaluations?

Regards,

2 comments

alex I'm New Here Sep 30, 2022

After reading this post, I noticed that RBAC and limiting visibility to boards and project updates are unavailable.

We would like to see this ability in the future, not only to better meet privacy and security compliance requirements but also to have the ability to use the product to report high-level updates about specific sensitive incidents between one or many (but not all) departments of the organisation, without needing to create multiple levels of issue security groups in JIRA and applying those to individual JIRA tickets.

Appreciate the help and look forwards to hearing back.

~ Alex

Like Jimi Wikman likes this

As of this morning we've released Private Projects which allow you to restrict visibility of projects to specific users. We currently don't support group-level visibility but I suspect we will need to get there sometime as well. 

Learn more here: https://intercom.help/atlas-by-atlassian/en/articles/6403749-restrict-the-viewing-and-editing-of-projects 

Thanks for your question and feedback Alex!

RE: Integrations

  • Yes, they are all developed securely. In fact the majority of them e.g. Github, Asana, Figma etc..) is the same smart cards integrated in Jira Software, Confluence, Jira Service Management, Trello and so forth. If you use an Atlassian product in the cloud today chances are you already use those integrations. 

RE SOC2 and ISO27k

Like Justin Koke likes this

Thanks for the update @Sherif Mansour i can’t start an adoption process at Algolia until this comes through. Keep us in the loop, and chat soon 👍🙌

Comment

Log in or Sign up to comment
TAGS

Atlassian Community Events