cloud fortified


28 Jun 2022
by SoftComply
Table of Contents


    Last week we reached an important milestone – the SoftComply Risk Manager on Jira Cloud was awarded the Cloud Fortified badge by Atlassian.

    Cloud Fortified badge in the Atlassian Marketplace

    The SoftComply Risk Manager is the only product risk management app on Jira and the most customisable one with Risk Management guidancemultiple views to work in and compliant Risk Reporting.

    To learn more about the SoftComply Risk Manager on Jira Cloud, please book your demo here.  

    What is Cloud Fortified?

    Atlassian has built a 3-step-program for app vendors to increase their product reliability and security – Self Assessment, Bug Bounty and Cloud Fortified. We at SoftComply have gone through all the levels, receiving the Cloud Fortified badge now.

    “Cloud Fortified” is designed by Atlassian to serve the needs of customers from the regulated industries in terms of securityreliability, and support.

    Many SoftComply Risk Manager existing users are from the highly regulated safety-critical domains like medtech, fintech, aviation, space, defence, automotive and rail.

    Naturally, these users expect our app to conform to the high standards they have to conform to themselves. For several years we have been working closely with our customers to make our apps more reliable and functional. We are proud to receive the Cloud Fortified badge to testify our dedication.

    Furthermore, for companies migrating to Cloud, Cloud Fortified badge informs them about our app being reliable and meeting cloud security standards. It also demonstrates that the app is enterprise-ready and scalable.

    How does the SoftComply Risk Manager meet Cloud Fortified Requirements? 

    At SoftComply, we ensure that our Risk Manager app is working reliably and securely in the Atlassian Ecosystem, providing our customers continuous support in managing their mission-critical product and project risks.


    SoftComply uses the latest software development practices and the most secure technologies. These practices are followed in developing our customer facing apps but also in our own internal processes. Security is applied into the process of handling sensitive data as well as automated vulnerability scans as part of the vulnerability management process.

    Our main goal is to build the state of the art software with the state of the art technologies. Our team follows the simple OWASP practices with additional requirements set by Atlassian in our everyday work. You can read more about the specific Security Requirements established by Atlassian for the Cloud Fortified apps.

    NB! Atlassian apps’ security can also be tested in crowd sourced programs today. Atlassian has established the Bug Bounty program where security enthusiasts can try to find every possible security hole in your system. SoftComply apps are also part of the Bug Bounty program.


    SoftComply has also improved its automated monitoring and alerting systems over time i.e. a robust incident management process has been implemented in the entire organisation.

    Our incident management has reached the level where incidents are discovered quickly – even before customers, and the system can restore itself either autonomously or with a simple execution by our team.

    Each component’s reliability in the context of recovery has been tested and documented. Our software is measuring itself and tracks its status progress. If it notices hick-ups in performance it automatically adds power to ease the situation. The reliability of the application and the incident management process are interconnected providing the best possible service for the customers in case of any event.


    You, our customers, are our biggest value. Helping you in various situations is something we truly care about. Our support team responds to all critical support requests within one day (24 hours). 

    There are three main channels to post support requests: email (, support portal (SoftComply JSD Support Portal) and of course the traditional phone line. All the support related information can also be found in our marketplace listings.

    The SoftComply Risk Manager is the only app for product risk management in Jira and the most customisable one with risk management guidancemultiple views to work in and compliant risk reporting.

    To learn more about the SoftComply Risk Manager on Jira Cloud, please book your demo here.  

    Try us out on

    SoftComply apps are available on Atlassian Marketplace – you can try them all out for free!