Trust Center
The Appfire Trust Center connects you to the latest information on the security, privacy, and compliance of our uniquely positioned products and services, to give you the comfort and trust you need when buying and using any Appfire app.
Appfire is certified under ISO 27001 and ISO 27017, and have also completed our SOC 2 audits.
Requesting full access will give you access to NDA protected content. Subscribing will provide you with notifications of future updates.
To demonstrate our dedication to security, privacy, and compliance, Appfire has just published it's most recent SOC2, Type II audit report, with zero exceptions.
For Appfire’s customers, a SOC2, Type II audit provides several assurances and benefits related to the security and availability of their data. For example, it signifies Appfire has implemented and maintains effective controls to secure sensitive customer data, taking necessary measures to protect their information against unauthorized breaches. There is also a level of trust that is incurred when going through such a rigorous audit process aligned with industry recognized standards, which is crucial for customers in regulated industries. A SOC2, Type II also reflects a commitment to transparency around security and availability practices, improving customer communications and confidence. The Type II designation involves continuous monitoring and improvement, assuring our customers that our controls will continue to be effective. Finally, a SOC2, Type II is a crucial factor in the vendor selection process, allowing customers to make informed decisions based on Appfire’s commitment to security and availability.
Appfire has also updated it's CAIQ Lite and SIG Lite pre-completed security questionnaires to further assist customers in their assessments and evaluations.
Thank you for continuing to be our customer.
Best Regards,
Doug Kersten
CISO
Appfire.com
Hi all,
Appfire is announcing its "Atlassian Host Platform Compatibility Policy" defining the range of Atlassian Host Platform versions that our Data Center apps will support.
Please see the document in Appfire's trust center by navigating to the Policies Card, and then to "Atlassian Host Platform Compatibility Policy"
Appfire Legal & Infosec Team
Background
Snowflake is a database vendor used by Appfire for data insights and analytics. It is not used by any of our marketplace applications. Snowflake has an ongoing investigation involving a targeted threat campaign against some Snowflake customer accounts. The initial attack methods revolves around compromise of user accounts that are not secured by MFA or other restricted access methods. According to Snowflake this compromise is not due to a vulnerability in Snowflake’s cloud offering.
Appfire Evaluation
Appfire is not impacted by this breach. As of this writing, Snowflake has stated that there was no breach of their systems nor exploitable vulnerability in their products. Regardless, our information security teams reviewed the controls in place around our instances of Snowflake, and reviewed logs against the indicators of compromise that were shared by Snowflake. We confirmed that none of the recently disclosed events impacted Appfire or our usage of Snowflake. If you would like more information about Snowflake's response to these recent events, please refer to their web site and community forum.
🔒 We’re proud to share some exciting news… Appfire hasc ompleted our SOC 2, Type II audit!
As we continue to prioritize the security of our technology, this latest recognition further demonstrates Appfire’s commitment to security and compliance for our customers, prospects, partners, and team members.
Learn more: https://bit.ly/3SJJN3z
Get it here: https://trust.appfire.com/?itemUid=7bfa66da-33ab-49de-8391-e329738a1ae9&source=click
Hi all,
Appfire is happy to announce we have released our updated 2024 CAIQ-Lite and SIG-Lite questionnaires. We've made a lot of improvements in the last year, including obtaining ISO 27001 and ISO 27017 certifications and completing SOC 2 audits, and these changes are now reflected in our questionnaires.
On a separate note, we have completed our new SOC 2, Type II audit and are expecting the final report any day. Our results were excellent and we'll send out an update on the Trust Center once it is available.
In addition, we are actively working on our penetration tests and have been updating new test results on an ongoing basis. In 2024 we've decided to test all of our apps twice a year vs. annual testing. This has resulted in Appfire bringing on a new vendor who can support the volume since we will be testing hundreds of apps every 6 months. Thank you for your patience as we roll this out. If you have a specific app or apps you would like us to prioritize, please reach out.
Thanks again for your trust,
Douglas J. Kersten CISO Appfire
If you need help using this Trust Center, please contact us.
If you think you may have discovered a vulnerability, please send us a note.