Dike - SOC2 Compliance Monitoring
Dike is an Atlassian Forge app that provides automated SOC2 compliance monitoring for development teams. It analyzes your GitHub repositories to identify compliance violations and presents them directly within Jira.

What is Dike?
SOC2 compliance requires that software development teams follow strict change management controls:
- All code changes should be tracked and associated with authorized work items
- Changes should undergo proper code review before deployment
- Direct access to production branches should be restricted
- All activities should be logged and traceable
Dike automates the detection of violations against these controls by continuously monitoring your GitHub repositories. When violations are detected, they're automatically recorded in Jira where your team can review, acknowledge, and remediate them.
Key Features
Automated Monitoring
Dike continuously scans your GitHub repositories for compliance violations. Scans run automatically every 5 minutes for incremental checks and hourly for deep analysis.
Native Jira Integration
Compliance violations are created as Jira issues, integrating seamlessly with your existing workflows. Use JQL to filter, search, and report on violations.
Configurable Rules
Define your own compliance rules or use pre-configured templates. Customize which repositories to monitor, which branches to check, and what constitutes a violation.
Historical Analysis
When first connected, Dike scans the last 365 days of commits and pull requests, giving you immediate visibility into your compliance history.
The Five Compliance Checks
Dike monitors five key areas of SOC2 compliance:
| Check | What It Detects | Why It Matters |
|---|---|---|
| Commits Without Issues | Commits not linked to Jira issues | All changes should be traceable to authorized work |
| PRs Without Issues | Pull requests without Jira issue references | Change management requires documented authorization |
| PRs With Failing Checks | PRs merged despite failing CI/CD | Quality gates must be respected |
| PRs Without Approvals | PRs merged without code review | Code review is a critical security control |
| Direct Commits to Main | Commits bypassing the PR process | Protected branches prevent unauthorized changes |
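
The five checks in the table above, evaluated over commit and pull request records. This is an added example, not Dike's own code or part of the original page: the record fields (`message`, `branch`, `pr`, `checks`, `reviews`), the violation names, the issue-key pattern and the protected-branch set are assumptions, and the sample data is constructed.

```python
import re

ISSUE_KEY = re.compile(r"\b[A-Z][A-Z0-9]+-\d+\b")  # Jira-style key, e.g. OPS-123 (assumed format)
PROTECTED = {"main"}            # assumption: branches treated as production
FAILING = {"failure", "error"}  # check states counted as failing

def has_issue(*texts):
    return any(ISSUE_KEY.search(t or "") for t in texts)

def check_commit(c):  # c: commit record, hypothetical schema
    found = []
    if not has_issue(c["message"]):
        found.append("commit-without-issue")
    # On a protected branch with no originating PR: the PR process was bypassed.
    if c["branch"] in PROTECTED and c["pr"] is None:
        found.append("direct-commit-to-main")
    return found

def check_pr(pr):  # pr: pull request record, hypothetical schema
    found = []
    if not has_issue(pr["title"], pr["body"], pr["head"]):
        found.append("pr-without-issue")
    if not pr["merged"]:
        return found  # CI and review gates are judged at merge time
    if FAILING & set(pr["checks"].values()):
        found.append("pr-with-failing-checks")
    # Latest verdict per reviewer wins: a later CHANGES_REQUESTED cancels an APPROVED.
    latest = dict(pr["reviews"])
    if "APPROVED" not in latest.values():
        found.append("pr-without-approval")
    return found

# Constructed sample records, not real repository history.
COMMITS = [
    {"sha": "a1", "message": "OPS-12 add rate limiter", "branch": "main", "pr": 7},
    {"sha": "b2", "message": "hotfix prod config", "branch": "main", "pr": None},
]
PRS = [
    {"number": 7, "title": "OPS-12 rate limiter", "body": "", "head": "limiter",
     "merged": True, "checks": {"ci": "success"}, "reviews": [("ana", "APPROVED")]},
    {"number": 8, "title": "Bump deps", "body": None, "head": "deps", "merged": True,
     "checks": {"ci": "failure", "lint": "success"},
     "reviews": [("bo", "APPROVED"), ("bo", "CHANGES_REQUESTED")]},
]

def scan(commits, prs):
    report = {f"commit:{c['sha']}": check_commit(c) for c in commits}
    report.update({f"pr:{p['number']}": check_pr(p) for p in prs})
    return {k: v for k, v in report.items() if v}
```

A pattern match alone also accepts strings such as `UTF-8`, so a stricter check would confirm that the matched key resolves to an existing Jira issue.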
Getting Started
Ready to set up Dike? The setup process takes about 10-15 minutes:
- Install Dike from the Atlassian Marketplace
- Connect your GitHub account
- Create a Jira project for compliance violations
- Enable the compliance rules you need
Learn More
- Configuration Guide - Complete settings reference
- Working with Violations - Managing detected violations
- Building Dashboards - Creating compliance dashboards