Is your source code safe?

The enormous costs associated with data breaches can be prevented by performing security assessments before your applications are built and deployed. The average total cost of a data breach is $3.62 million, yet not enough companies are scanning their code for vulnerabilities.



Shift Left: Source Code Security

Every year, companies release new software and are surprised by a zero day attack. When teams address security vulnerabilities at the source code level, it can prevent attacks like this from happening. At Assembla, we offer an automated vulnerability scan, seamlessly integrated with your SDLC.

Automated Vulnerability Scanning

Simple open source dependency scans are important, but aren't enough to prevent a breach - 75% of breaches reported in 2017 were caused by developers inserting secret keys and passwords directly into source code. Assembla is committed to delivering a suite of automated scans that detect a range of real threats, from open source dependencies to secret keys, passwords and more.

Assembla Static Analysis supports most languages for desktop, web and mobile applications.

Java , .NET , JavaScript (including AngularJS, Node.js, and jQuery), Python, Perl, PHP, Ruby on Rails, iOS (Objective-C and Swift), Android (Java), PhoneGap, Cordova, Titanium, Xamarin, C/C++ (Windows, RedHat Linux, OpenSUSE, Solaris), COBOL, RPG, Visual Basic 6.

Assembla lets you move development to the cloud while maintaining your regulatory & security requirements.

Assembla is also fully certified on PrivacyShield. The full report is available on request.

Assembla has successfully completed the Cloud Security Alliance STAR self assessment.

We are Level 3 PCI certified and partner with Level 1 provider Chargify to process transactions. Download our PCI DSS certificate here.

Our security controls are audited each year, following the AICPA SSAE-16 SOC 2 guidelines for the Security and Availability principles. The full report is available on request.

All Assembla Cloud Services follow DevOps principles and are using automated, continuous deployment for all application code.

Download the Free Whitepaper

How Assembla Approaches Security

Managed Private Cloud

Assembla offers multiple infrastructure design options including managed private cloud. Global deployment options with multi-node infrastructure in North America, EMEA and APAC. Can be customized to meet unique compliance security and SLA requirements up to 99.99%.

Our Security Roadmap

Assembla is fully committed to GPDR and HIPAA compliance in 2018.