Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

The Appfire Trust Center connects you to the latest information on the security, privacy, and compliance of our uniquely positioned products and services, to give you the comfort and trust you need when buying and using any Appfire app.

Appfire is certified under ISO 27001 and ISO 27017, and have also completed our SOC 2 audits.

Requesting full access will give you access to NDA protected content. Subscribing will provide you with notifications of future updates.

Documents

Featured Documents

REPORTSPentest Report

ESG

We prioritize and take environmental, social, and governance (ESG) considerations seriously in our operations and decision-making processes.

Trust Center Updates

SOC2, Type II Audit Report & SIG Lite and CAIQ Lite Questionnaires

Compliance
Copy link

To demonstrate our dedication to security, privacy, and compliance, Appfire has just published it's most recent SOC2, Type II audit report, with zero exceptions.

For Appfire’s customers, a SOC2, Type II audit provides several assurances and benefits related to the security and availability of their data. For example, it signifies Appfire has implemented and maintains effective controls to secure sensitive customer data, taking necessary measures to protect their information against unauthorized breaches. There is also a level of trust that is incurred when going through such a rigorous audit process aligned with industry recognized standards, which is crucial for customers in regulated industries. A SOC2, Type II also reflects a commitment to transparency around security and availability practices, improving customer communications and confidence. The Type II designation involves continuous monitoring and improvement, assuring our customers that our controls will continue to be effective. Finally, a SOC2, Type II is a crucial factor in the vendor selection process, allowing customers to make informed decisions based on Appfire’s commitment to security and availability.

Appfire has also updated it's CAIQ Lite and SIG Lite pre-completed security questionnaires to further assist customers in their assessments and evaluations.

Thank you for continuing to be our customer.

Best Regards,

Doug Kersten

CISO

Appfire.com

Published at N/A

Appfire announces its "Atlassian Host Platform Compatibility Policy"

Compliance
Copy link

Hi all,

Appfire is announcing its "Atlassian Host Platform Compatibility Policy" defining the range of Atlassian Host Platform versions that our Data Center apps will support.

Please see the document in Appfire's trust center by navigating to the Policies Card, and then to "Atlassian Host Platform Compatibility Policy"

Appfire Legal & Infosec Team

Published at N/A*

Appfire security advisory on Snowflake Breach - Account Compromise

Incidents
Copy link

Background

Snowflake is a database vendor used by Appfire for data insights and analytics. It is not used by any of our marketplace applications. Snowflake has an ongoing investigation involving a targeted threat campaign against some Snowflake customer accounts. The initial attack methods revolves around compromise of user accounts that are not secured by MFA or other restricted access methods. According to Snowflake this compromise is not due to a vulnerability in Snowflake’s cloud offering.

Appfire Evaluation

Appfire is not impacted by this breach. As of this writing, Snowflake has stated that there was no breach of their systems nor exploitable vulnerability in their products. Regardless, our information security teams reviewed the controls in place around our instances of Snowflake, and reviewed logs against the indicators of compromise that were shared by Snowflake. We confirmed that none of the recently disclosed events impacted Appfire or our usage of Snowflake. If you would like more information about Snowflake's response to these recent events, please refer to their web site and community forum.

Published at N/A

Appfire SOC 2, Type II Audit Completed!

Compliance
Copy link

🔒 We’re proud to share some exciting news… Appfire hasc ompleted our SOC 2, Type II audit!

As we continue to prioritize the security of our technology, this latest recognition further demonstrates Appfire’s commitment to security and compliance for our customers, prospects, partners, and team members.

Learn more: https://bit.ly/3SJJN3z

Get it here: https://trust.appfire.com/?itemUid=7bfa66da-33ab-49de-8391-e329738a1ae9&source=click

Published at N/A

Appfire 2024 CAIQ-Lite & SIG-Lite released

Compliance
Copy link

Hi all,

Appfire is happy to announce we have released our updated 2024 CAIQ-Lite and SIG-Lite questionnaires. We've made a lot of improvements in the last year, including obtaining ISO 27001 and ISO 27017 certifications and completing SOC 2 audits, and these changes are now reflected in our questionnaires.

CAIQ-Lite

SIG-Lite

On a separate note, we have completed our new SOC 2, Type II audit and are expecting the final report any day. Our results were excellent and we'll send out an update on the Trust Center once it is available.

In addition, we are actively working on our penetration tests and have been updating new test results on an ongoing basis. In 2024 we've decided to test all of our apps twice a year vs. annual testing. This has resulted in Appfire bringing on a new vendor who can support the volume since we will be testing hundreds of apps every 6 months. Thank you for your patience as we roll this out. If you have a specific app or apps you would like us to prioritize, please reach out.

Thanks again for your trust,

Douglas J. Kersten CISO Appfire

Published at N/A

If you need help using this Trust Center, please contact us.

Contact Support

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo