Ensure a secure DevOps lifecycle by selecting a software development platform that protects, audits, and monitors your company’s most valuable assets. Assembla exceeds controls, compliance, and security standards to ensure that your software development process is locked down from end to end. Here's how we do it.
Data breaches are preventable, and no one wants to be the next big breach story. Learn how to secure your source code in 2019.
Advanced User Permission Controls allow you to limit access to projects and repositories based on user type, as well as give you the power to customize access to all projects and repos. This security feature greatly reduces the amount of time you spend managing your team while helping you achieve security peace of mind in the software development process.
With a bird's-eye view of your users and the files and repos they can access, Assembla makes it easy to oversee the work that happens both inside and outside your company. Flexible permissions for users and groups ensure everyone in your organization gets the right level of access. Plus, you can count on a quick setup and rollout with AD/LDAP for simple user account management, as well as SAML 2.0 for streamlined integrations with Single Sign-On (SSO).
Assembla is dedicated to providing best-in-class security, compliance, and data protection for our customers. Whether you need to meet specific industry regulations or international security and data privacy standards, Assembla has all of the tools needed to become and stay compliant.
Track each change made to your source code from project start to finish. Quickly prove to auditors that your organization has the control and monitoring in place to ensure regulatory compliance. Track actions like repo access, code reviews, merge requests, Git pushes, and more. Search for activity by specific users and specific date ranges and generate audit reports straight from your browser.
Audit logs let you track actions like repo access, code reviews, merge requests, Git pushes, and more. Search for activity by specific uses and specific date ranges and generate audit reports straight from your browser in XML, CSV, or PDF so your audit process is quick and painless.
Automate your workflows to take the work out of regulatory compliance. Require code reviews and prevent commits from users groups with Protected Branches. Receive emails and push notifications when key changes are made to your source code.
MyGet real-time software license detection tracks your teams package usage and detects dependencies across all of your packages. Customized usage policies ensure your teams are only using approved packages while reporting vulnerabilities and outdated packages early in your software build and release cycles.
MyGet automates build and packaging processes from a centralized cloud platform. MyGet speeds up the development lifecycle while integrating seamlessly with your existing DevOps workflows. Package, version, & publish from GitHub, Assembla, Visual Studio Team Services, and BitBucket.
We offer the Assembla service from multiple data centers with strong security practices that are independently validated by third-party auditors. Every file you store with Assembla is maintained and encrypted using AES 256-bit encryption in geographically diverse areas, leveraging both the Assembla data centers as well as the redundant facilities managed by our partner AWS.
The Assembla leadership team has over 100 years of combined experience serving clients with dedicated & cloud hosting, source control systems & software, and project management. We enable over 1 million users distributed in over 100 countries to manage all of their repos from a central, secure control point with industry-leading compliance and security.
Assembla uses HackerOne, a leading premier vulnerability coordination platform. The basics of HackerOne are simple. Assembla creates our own security program page with instructions for HackerOne experts.
Our operational playbook includes a bottom-up evaluation of the risks to security, risk mitigation techniques and ongoing areas of investment to further reduce risks, surrounded by a 24/7/365 DevOps team.