...
The App’s team does not have access to user data. In cases where they have to access the user data in order to perform support services or to respond to an incident, we will ask for your consent
| Talk | ||
|---|---|---|
|
...
Users get access to the App only by logging into Jira. The App uses the Atlassian Connect that , which relies on HTTPS and and JWT authentication to secure communication between the App, the Atlassian product, and the user. Please learn more about Atlassian Connect security.
Приложение хранит данные аутентификации к серверам TeamCity в зашифрованном виде. Шифрование и дешифрование происходит с помощью механизма AWS Encryption SDK. У разработчиков нет доступа к ключу шифрования. Ротация ключа шифрования происходит каждый год. Аутентификация в TeamCity происходит с помощью basic HTTP authentication.The basic HTTP authentication is used for authentication in TeamCity. The application stores the authentication data to the TeamCity servers in encrypted form. Encryption and decryption are performed using the AWS Encryption SDK engine. The encryption key is rotated yearly, and developers have no access to it.
Permissions
The maximum set of actions TeamCity Integration for Jira app may perform is expressed in the scopes in the App descriptor and is presented to the administrator during installation. This security level is enforced by Atlassian Connect and cannot be bypassed by app App implementations.
Here is the list of all used scopes:
READ- View – view, browse, and read information from Jira.WRITE- Create – create or edit content in Jira, but not delete content.DELETE- Delete – delete content in Jira.
Learn more in the scopes documentation.
Взаимодействие приложения с Жирой
Мы не храним данные из Жиры в наших таблицах. Приложение только актуализируем данные билдов и деплойментов в Development Panel в Жире. Эндпоинты по получению информации о задаче или проекте используются только для резолва ключа по идентификатору.
...
The App Interaction with Jira
The App does not store data from Jira in its tables but only updates the build and deployment data in the Development Panel in Jira. The endpoints for obtaining information about a task or project are used only for resolving a key by identifier.
The following endpoints are used:
POST /rest/api/3/permissions/check
GET /rest/api/3/issue/{issueId}
GET /rest/api/3/project/{projectId}
POST /rest/builds/0.1/bulk
DELETE /rest/builds/0.1/bulkByProperties
POST /rest/deployments/0.1/bulk
DELETE /rest/deployments/0.1/bulkByProperties
Взаимодействие приложения с TeamCity
Приложение не изменяет билды в TeamCity, а только получает информацию
...
The App Interaction with TeamCity
The App does not modify builds in TeamCity, but receive information using the following endpoints:
GET /app/rest/buildTypes/{btLocator}
GET /app/rest/server
GET /app/rest/users/{userLocator}
GET /app/rest/changes
GET /app/rest/builds
GET /app/rest/builds/{buildLocator}
Uptime
The App has uptime of 99.99% or higher. You can check our current and historic status at https://stats.uptimerobot.com/jqxnBSYvO3
...
On an application level, we use logs for all activity in combination with the Datadog monitoring service. The app App also uses Sentry.io, a client-side error monitoring tool that helps us discover, triage, and prioritize app App errors in real-time.
Encryption
...
We retain client's data for no more than 60 days from the moment the App was deleted from a workspace
. If a client reinstalls the App, they have their data already pre-configured.Talk id talk-4682
...
Current TeamCity Integration for Jira Third-Party Subprocessors
TODO Subprocessors?
For the list of the sub-possessors and the categories of data they collect please refer to our App-specific Privacy Policy.
...
In case you've identified a security concern, please email us at tech-support@stiltsoft.com or create a request in our support system. We'll work with you to make sure we understand the issue and address it promptly. Talk
White hat researchers are always appreciated, and we won't take legal action against you if you act accordingly.