How Atlassian strengthens partner compliance with Vanta for Marketplaces

The company

Unleashing the potential of every team

Founded in 2002, Atlassian is on a mission to unleash the potential of every team. The company’s suite of software development and project management tools—including Jira, Confluence, and Loom—aid collaboration, enhance productivity, and enable teams to leverage the power of software to solve the world’s biggest problems. 

As the company grew, Atlassian developed a robust network of partners that built businesses around enhancing and customizing Atlassian’s solutions. The Atlassian Marketplace officially launched in 2012, and today, it connects users with more than 5,000 different apps that enhance the functionality of Atlassian products. 

‍

The challenge

Securing the Atlassian Marketplace

The Atlassian Marketplace is an extension of Atlassian itself. As such, discerning buyers expect the same level of compliance from partners as they do from Atlassian. Understanding the value of a secure marketplace in driving adoption and growh, Phil Grove, Principal Product Manager, Ecosystem at Atlassian, sought to strengthen partner compliance at scale to safeguard customer trust. 

“Often customers expect the same level of compliance from our partners as they expect from Atlassian, and we want them to feel comfortable that they can install apps from our partners in a trustworthy, secure way.”

Managing ecosystem security concerns at scale was a top priority for the Atlassian team, but introduced resource constraints.

{{quote-2}}

In addition to cumbersome and repetitive due diligence, Atlassian’s method of validating marketplace partner security was lacking. Previously, much of the security and compliance information that Atlassian collected from partners was from questionnaires. Partners would submit the point-in-time questionnaires, and that information would then display on their Atlassian Marketplace listing—with limited real-time updates and validation. 

As Atlassian’s customer base grew and shifted toward the enterprise, the company needed a solution to provide customers with continuously validated information attesting to partner security.

The solution

Democratizing compliance for partners of all sizes

Atlassian needed a solution to help validate partner security and bring everyone in the marketplace up to a consistent standard without limiting opportunities for smaller companies and partners that don’t have robust resourcing in place to support compliance efforts. 

Vanta for Marketplaces was the ideal solution. It allows Atlassian to democratize compliance for partners, enabling smaller companies to become compliant much quicker and in a cost-effective way. 

With Vanta, partners can seamlessly achieve SOC 2 and ISO 27001, streamline due diligence and security questionnaire requests, and continuously demonstrate their security posture with a Trust Center. These security assurances ultimately drive partner app adoption and business growth. 

“The Vanta platform is so easy to use. The amount of integrations Vanta has with systems makes it very easy for our partners to plug into. Overall, the comprehensive feature set that Vanta has really puts it in a league of its own.”

In turn, Atlassian customers get peace of mind—through standardized signals to assess and report on the trustworthiness of Atlassian Marketplace partners. It also helps Atlassian prove its commitment to upleveling the trust posture of the Marketplace as a whole.

The impact

Upleving marketplace trust posture 

To date, over 400 Atlassian partners have achieved (or are working toward) attestations with Vanta or leveraging Trust Centers to proactively demonstrate their security posture. Atlassian continues to onboard more partners with Vanta and implement structures to ensure that platinum marketplace partners achieve baseline compliance milestones pursuant to Atlassian’s own rigorous security standards. 

{{quote-3}}

‍