Security and trust have become increasingly important requirements for our customers in Cloud. We’re working to make it easier for you to build and maintain secure apps for Atlassian products.
In this session, Engineering Team Lead Dugald Morrow and Principal Product Manager Joël Kalmanowicz will explain how security and trust have been baked into the Forge framework and the benefits the platform can offer you and your users. Learn how much less work it can be to build trusted apps customers will love on Forge by going deep on the safeguards we’re putting in place.
Developers or attendees with some software security experience will get the most out of this session.
6. “It would be amazing if Atlassian provided a platform for deploying your apps, so that us developers could worry less about security and customers could have more trust in apps’ performance, security, and handling their data.”
VITALII ZURIAN | CO-FOUNDER | LIZARD BRAIN
10. Sources of Trust
Developers: People writing code
Platform: Distributing code, hosting, and running it
Certifications: Third-party review: SOC2, ISO, etc.
20. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Varies
Customer trust
21. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Varies
Customer trust
22. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Data isolation
23. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Data storage
Data isolation
24. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Data storage
Data isolation
Data egress
25. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Data storage
Data isolation
Data egress
Control & transparency
26. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Control & transparency
API restrictions
27. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Control & transparency
API restrictions
User consent
73. Data Isolation
[Diagram: Invocation Service, Node Runtime, App Bundle, App Isolate; numbered steps 1 to 3 labelled INVOKE FUNCTION, CREATE FROM SNAPSHOT (step 2), CALL WITH CONTEXT]
75. Data Isolation
[Diagram labels: App Snapshot, App]
Customer A: data = global.cache[issueKey]; data.status = foo;
Customer B: data = global.cache[issueKey]; data.status = bar;
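The two Data Isolation slides above, worked as an added example that is not code from the presentation or from Forge: a toy model of how a global cache behaves when one runtime is shared between customers, compared with a fresh global created from a snapshot for each invocation. The names `APP_SNAPSHOT`, `appHandler`, `makeSharedRuntime`, `makeIsolatedRuntime` and `demo`, the customer ids and the issue key are constructed for illustration.

```javascript
// Added illustration: a simplified model, not Forge's runtime or API.
// The "snapshot" is the app's initial global state, captured once.
const APP_SNAPSHOT = JSON.stringify({ cache: {} });

// App code in the style of the slide: it reads and mutates a global cache.
// Returns the status it found before writing, i.e. what an earlier
// invocation left behind (null if nothing was there).
function appHandler(global, context, issueKey, status) {
  if (!global.cache[issueKey]) {
    global.cache[issueKey] = { status: null, writtenBy: null };
  }
  const data = global.cache[issueKey];
  const previous = data.status;
  data.status = status;
  data.writtenBy = context.customer;
  return previous;
}

// Shared runtime: every customer's invocation sees the same global object,
// so state written for one customer is visible to the next.
function makeSharedRuntime() {
  const global = JSON.parse(APP_SNAPSHOT);
  return (context, issueKey, status) =>
    appHandler(global, context, issueKey, status);
}

// Isolated runtime: each invocation gets a fresh global created from the
// snapshot, then the function is called with that invocation's context.
function makeIsolatedRuntime() {
  return (context, issueKey, status) =>
    appHandler(JSON.parse(APP_SNAPSHOT), context, issueKey, status);
}

// Customer A writes first; the return value is what customer B observes
// in the cache for the same issue key (constructed sample values).
function demo(invoke) {
  invoke({ customer: "customer-a" }, "PROJ-1", "foo");
  return invoke({ customer: "customer-b" }, "PROJ-1", "bar");
}

console.log("shared runtime, B sees:", demo(makeSharedRuntime()));
console.log("isolated runtime, B sees:", demo(makeIsolatedRuntime()));
```

In the shared model customer B reads the status customer A wrote; in the isolated model B starts from the snapshot's empty cache.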
118. Permits: API Enrollments
Granted | Permit | Scopes
Installation in Jira | app | Jira
First user request to Jira | user | Jira
Installation in Confluence | app | Confluence
First user request to Confluence | user | Confluence
170. Summary
“consent to risk”: Data egress, API access
“trusted baseline”: Trusted UX, Hosted apps, Local data store
“democratized app installation”: Read API access
181. Sources of Trust
Developers: People writing code
Platform: Distributing code, hosting, and running it
Certifications: Third-party review: SOC2, ISO, etc.
182. Challenges in Building Trust
Simple, secure auth
Performance & reliability
Data management
Control & transparency