Valiantys Ltd

ALM Solution built upon the Atlassian Suite (JIRA, Confluence, Bitbucket, etc.)

Valiantys is offering its own ALM solution built upon the Atlassian Suite (JIRA, Confluence, Bitbucket, etc.). This solution helps our client build great digital products, enabling a faster deployment and unmatched user adoption. Our unique ALM implementation methodology includes pre-built processes, training and a dedicated Valiantys project manager.

Features

  • Requirements management
  • Software development
  • Code review
  • Project management
  • Testing
  • Workflow management
  • Monitoring and reporting
  • Configuration management
  • Build management
  • Release management

Benefits

  • Fully integrated solution
  • Easy to use
  • Easy and fast adoption
  • Easy to configure
  • Easy reporting
  • Powerful

Pricing

£1500 to £500000 per instance per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 9

565419098041618

Valiantys Ltd

Lucas Dussurget

+44 (0)203 176 7980

orders.uk@valiantys.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints If/when security breaches are discovered by the software vendor (Atlassian), they would contact all their customers and advise on the different steps to take. If any maintenance has to be undertaken on the servers provided by Valiantys, our hosting team will contact our customers to confirm which time is most suitable for this planned maintenance. We will always aim at reducing down time and lowering the impact on users. Atlassian hardware requirements are available in the Atlassian documentation: https://confluence.atlassian.com/alldoc/atlassian-documentation-32243719.html.
System requirements
  • Licences for the required Atlassian products and potential add-ons
  • Web browser
  • Access to Internet

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We offer different support packages and have different SLAs for each of them. 1/ Standard Support: - Non-blocker issues: 16 hours - Blocker issues: 8 hours 2/ Enterprise Support: - Non-blocker issues: 8 hours - Blocker issues: 4 hours Available packages: 25, 50 and 100 hours. 3/ Unlimited Support: a) Essential: - Non-blocker issues: 16 hours - Blocker issues: 8 hours b) Advanced: - Non-blocker issues: 8 hours - Blocker issues: 4 hours c) Critical: - Non-blocker issues: 4 hours - Blocker issues: 2 hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Users will be granted access to our instant messaging platform (Atlassian HipChat) and will be able to start chatting with our support team on their specific issues. They will be able to access a specific room dedicated to their issue but won't have access to the rest of the instance.
Web chat accessibility testing When pages utilize scripting languages to display content, or to create interface elements, the information provided by the script shall be identified with functional text that can be read by Assistive Technology. When electronic forms are designed to be completed on-line, the form shall allow people using Assistive Technology to access the information, field elements, and functionality required for completion and submission of the form, including all directions and cues. At least one mode of operation and information retrieval that does not require user vision shall be provided, or support for Assistive Technology used by people who are blind or visually impaired shall be provided. At least one mode of operation and information retrieval that does not require visual acuity greater than 20/70 shall be provided in audio and enlarged print output working together or independently, or support for Assistive Technology used by people who are visually impaired shall be provided. At least one mode of operation and information retrieval that does not require user hearing shall be provided, or support for Assistive Technology used by people who are deaf or hard of hearing shall be provided More information available here: https://confluence.atlassian.com/display/ACCESSIBILITY/HipChat+VPAT+for+Section+508+compliance
Onsite support Yes, at extra cost
Support levels We offer different support packages and have different SLAs for each of them. 1/ Standard Support: - Non-blocker issues: 16 hours - Blocker issues: 8 hours No chat support, no screen sharing sessions, no phone support (only emails). = From £2,850 to £9,200 (12-month contract) 2/ Enterprise Support: - Non-blocker issues: 8 hours - Blocker issues: 4 hours = From £4,290 to £13,850 (12-month contract) Available packages: 25, 50 and 100 hours. 3/ Unlimited Support (unlimited hours): a) Essential: - Non-blocker issues: 16 hours - Blocker issues: 8 hours = £23,750 (12-month contract) b) Advanced: - Non-blocker issues: 8 hours - Blocker issues: 4 hours = £42,750 (12-month contract) c) Critical: - Non-blocker issues: 4 hours - Blocker issues: 2 hours = £52,250 (12-month contract) Support is provided from 8am to 6pm UK Time. Extended business hours - 6pm to 11pm UK time - can be requested for an additional 20% of the initial cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started - Online documentation
- Training if required (additional cost)
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Online
End-of-contract data extraction Users can extract all data through an XML export.
End-of-contract process We will provide an XML export containing all the tools' data. We would then delete all backups and any sensitive information from the client. Data migration to another system may require days of consultancy, which would come at an additional cost.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Our service can be accessed through a browser on mobiles as well. In this case, there wouldn't be any difference with the desktop service. The client can also install the mobile application which has a different user interface. Functionalities available in the desktop version may not always be available in the mobile version. We will be able to confirm those differences and limitations based on the client's requirements.
Accessibility standards None or don’t know
Description of accessibility Our service is accessible through a web browser with a password and user name (2-factor authentication available on demand). Accounts are granted to a certain number of users at the beginning of the contract, and can be synchronised with existing data bases (e.g. LDAP). Specific access management services can also be provided to each client based on their precise requirements (e.g. VPN).
Accessibility testing All relevant information can be found here: https://www.atlassian.com/accessibility.
API Yes
What users can and can't do using the API You can use the REST API to build add-ons for JIRA, develop integrations between JIRA and other applications, or script interactions with JIRA.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Available customisations: - On the user interface (service provider, administrator and/or end user based on permissions) - On reports and dashboards (service provider, administrator and/or end user based on permissions) - Using add-ons to enhance the tool's functionalities (service provider, administrator and/or end user based on permissions) - Through configuration (service provider, administrator and/or end user based on permissions) - With our managed hosting service: main options are adding a staging environment, VPN Tunnel, File system encryption, Disaster recovery. (service provider) Most customisations can be done through simple configuration of the tool. Scripts or add-ons can also be used.

Scaling

Scaling
Independence of resources We set up a virtual private cloud per client.

Analytics

Analytics
Service usage metrics Yes
Metrics types We can provide service metrics regarding our managed hosting services: e.g. CPU usage, RAM, support usage, etc.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach They can export some data on their own, or can also contact their service provider for a full data export (XML).
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • PDF
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability The level of availability of our service is 99.5%. Refunds are limited to 10% of the total amount of the contract, and will be negotiated on a case-by-case basis before contract sign-off.
Approach to resilience This will mainly depend on the architecture and set up (different based on each client's requirements: i.e. cluster environment, disk speed, etc.). Network and equipment are guaranteed by a third party.
Outage reporting Email alerts and/or provided software.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Personal named accounts with password and user name.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach We try to get as close as possible to ISO-27001 but are not officially accredited at the moment.
Information security policies and processes Responsibility for security sits under the following: - Our hosting provider, which rents us a data center - Valiantys, who handle service installation and support - Atlassian, who develops and maintain the software. The main security policies/processes we follow are: - Physical and environmental security (e.g. Fire detection and suppression, Power, Climate and temperature, Storage device decommissioning, Physical access to the data center). - Business continuity management (Availability, Company-wide executive review) - Network security (Secure network architecture, Secure access points, Transmission protection, Fault-tolerant design, Network monitoring and protection, Account review and audit, Background checks, VPN, Workstation security, Separated private clouds per customer, Firewalls, etc.) - Credentials (Individual user accounts, Password policy, Multi-factor authentication, Server access) - Data security (Data access, Data deletion at the end of the contract, SSL, Data encryption, Security logs, Backups, Backup retention, Restore procedure, Restore procedure check, Pen tests) - Operations (Security organisation, Change management process, Incident management process, Problem management process, Periodic access rights review, Security incident management, Disaster recovery) For further information please contact us.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Our change management process is based on ITIL best practices. A change is created whenever something needs to be added/modified/removed on any of our server or global AWS configuration. The change will go through several validation before being released in production.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Everyone at Valiantys has the ability to create a security incident, to be handled by our hosting and support team. Security incidents are also raised when security vulnerabilities are found on Atlassian tools or any middleware tools we use (SSL, MySQL, Java, Apache Tomcat, Apache HTTPD). Our hosting and support team is continuously monitoring for potential security vulnerabilities on any of those tools. When a vulnerability is found, we immediately inform our customers, and raise a change in order to apply a patch to fix the issue in the best delay.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Everyone at Valiantys has the ability to create a security incident, to be handled by our hosting and support team. Security incidents are also raised when security vulnerabilities are found on Atlassian tools or any middleware tools we use (SSL, MySQL, Java, Apache Tomcat, Apache HTTPD). Our hosting and support team is continuously monitoring for potential security vulnerabilities on any of those tools. When a vulnerability is found, we immediatly inform our customers, and raise a change in order to apply a patch to fix the issue in the best delay.
Incident management type Supplier-defined controls
Incident management approach Incidents are created by customers using emails, our support portal or by the Valiantys hosting and support team. An incident can be declared as blocker if it has significant impact on end-users (service down or a major bug, for example). Our hosting and support team handles tickets in the following priority order: - Service down (incidents are automatically created from our monitoring tool) - 30mn SLA - Blocker incidents - Security incidents - SLA breached tickets - All other tickets

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • New NHS Network (N3)
  • Joint Academic Network (JANET)

Pricing

Pricing
Price £1500 to £500000 per instance per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Free temporary licences can be requested to evaluate the service. Those licences are valid for 30 days and offer the exact same set of functionalities as commercial licences. Temporary licences can be renewed up to two times. Please contact us to request a temporary licence.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑