Report 2024 Edition
Building DevSecOps awareness is a team effort, hence we prepared a report focusing solely on practical examples, use cases, which will provide you with only the best [and tested] recommendations.
This report covers:
Human error was the culprit of the longest Atlassian downtime in history [2 weeks+]
In 2017 GitLab suffered major backup failure after data deletion incident
Organizations are losing access to data within their repos, are experiencing downtime, and data leak
SaaS providers operate in the Shared Responsibility Model. As such, they are responsible for the entire cloud infrastructure, but limit the responsibility for data protection at the account level.
GitHub Terms of ServiceYou understand that use of the cloud products necessarily involves transmission of your data over networks that we do not own, operate or control, and we are not responsible for any of your data lost, altered, intercepted or stored across such networks. We cannot guarantee that our security procedures will be error-free, that transmissions of your data will always be secure or that unauthorized third parties will never be able to defeat our security measures or those of our third party service providers.
Make sure yourself
Atlassian Security PracticesWe do not use these backups to revert customer-initiated destructive changes, such as fields overwritten using scripts, or deleted issues, projects, or sites. To avoid data loss, we recommend making regular backups.
Make sure yourself
GitLab Subscription AgreementCustomer is responsible for implementing and maintaining privacy protections and security measures for components that Customer provides and controls.
Make sure yourself
Atlassian Customer Agreement(...) neither party will have any liability arising out of or related to this Agreement for any loss of use, lost data, lost profits, interruption of business or any indirect, special, incidental, reliance or consequential damages of any kind, even if informed of their possibility in advance.
Make sure yourself
Microsoft Terms of UseIn no event shall Microsoft and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of software, documents, provision of or failure to provide services, or information available from the services.
Make sure yourselfLearn about DevOps backup best practices
