Cloud Fortified Apps Program
This page describes how Rixter is adhering to the Atlassian Cloud Fortified Program for selected apps. See marketplace apps to find out which has been approved.
🔐 Security Requirements
Participation in Security Programs: Apps must engage in Atlassian’s security initiatives, including:
Ecoscanner: Continuous monitoring for vulnerabilities.
Vulnerability Disclosure Program: Allows reporting of security issues.
Cloud App Security Requirements: Adherence to defined security standards.
Security Bug Fix Policy: Commitment to timely resolution of security bugs.
Additional Security Investments:
Rixter is part of the Marketplace Bug Bounty Program: Encourages proactive vulnerability discovery.
Rixter has done the Security Self-Assessment Program: Annual self-assessment reviewed by Atlassian.
Privacy & Security Transparency: Complete the Privacy & Security tab on the app’s Marketplace listing to inform customers about data handling practices.
⚙️ Reliability Requirements
Service Level Objectives (SLOs): Maintain defined SLOs for key Service Level Indicators (SLIs), such as:
App availability (e.g., 99.9% uptime).
Response times and error rates are less then 0.1%
Synthetic Testing: Implement automated tests that simulate user interactions to validate core app functionalities.
Health Checks: Provide a health check endpoint to monitor app status.
Incident Management:
Establish processes for incident detection and response.
Integrate with Atlassian’s incident management system (e.g., using EcoHOT tickets).
Conduct post-incident reviews and implement corrective actions.
Deprecation Handling: Address Atlassian’s deprecation notices within the specified timeframes.
🛠️ Support Requirements
Timely Response: Respond to critical (Tier 1) support issues within 24 hours, five days a week, in the partner’s local timezone.
Support Coordination: Provide a primary point of contact for customer support requests raised via Atlassian support channels.