SymphonyAI Summit is highly committed to addressing security-related incidents reported by Customers, Partners. As a product, it carries third-party apps/connectors to provide extended features & functionalities.
This document provides detailed insight on those associated third-party products and their Security responsibility information.
In General applications, third-party software integrated/customized (excluding out of box Libraries, codes, or Integrations) with SymphonyAI Summit specific to the Customer environment is not part of SymphonyAI Summit Standard Security assessment scope and the customer needs to have a self-assessment mechanism to identify security compliance before moving to Production. If the Customer needs SummitAI assistance to perform the security assessments, it will be taken up with additional charges from SymphonyAI Summit’s authorized vendor (KPMG).
- Third-Party integrations (Ex: Workday, JIRA etc.,)
- Orchestration Customized Use cases
*The below list excludes any third-party software/components/libraries used to build the SymphonyAI Summit product as by default it gets through the SymphonyAI Summit Standard Security Assessment program.
|Associated Product Name||Associated Module||Brief Description||Applicable Product Names||Type of Integration/Vendor relationship with SymphonyAI Summit||Hosted Infrastructure||Is VAPT certified along with SymphonyAI Summit Code?||How Summit hands Security?||Associated Product Security Page/Portal Link||Remarks|
|Advanced Reporting Platform||Reporting||Provides the advanced reporting capability||Izenda
|OEM||Bundled along with SymphonyAI Summit Infrastructure||Yes, The integration code is already part of the SymphonyAI Summit VAPT assessment.
Part of Infrastructure VAPT assessment if hosted on SymphonyAI Summit Cloud
|SymphonyAI Summit accepts the reported security incidents and works with the Partner to deliver the fix in a time-bound manner.|||||
|Advanced Remote Desktop||Service Management||Provides the advanced remote desktop capabilities||ConnectWise/ScreenConnect||API||SAAS offering and the functionalities are provided on Vendor Infrastructure||Yes, only the integration part of the code.|| SymphonyAI Summit may accept the reported security incident provided the customer purchased ConnectWise Licenses from SymphonyAI Summit. SymphonyAI Summit shall adhere to Vendor Security Guidelines and release process. This is NOT applicable if the Customer has purchased the Licenses directly from Vendor.||Click here|||
|SMTP Capability on SymphonyAI Summit Cloud||Platform||Provides the SMTP capabilities for Notifications. This is the default service available however, Customer is free to choose & configure their own SMTP provider.||SendGrid||API||SAAS offering and the functionalities are provided on Vendor Infrastructure||Yes, only the integration part of the code.|| SymphonyAI Summit may accept the reported security incident provided the customer has opted for the service via SymphonyAI Summit. SymphonyAI Summit shall adhere to Vendor Security Guidelines and release process. This is NOT applicable if the Customer has purchased the Licenses directly from Vendor.||Click Here|||
|Advanced Discovery Capabilities||Discovery||Provides the additional discovery capabilities for Discovery Module from CMDB, Asset management perspective||Microsoft System Center Configuration Manager (SCCM)
|External DB Views||These additional views are created at Target Vendor Database and related integration code will fetch the information from the target vendor database. The vendor database is hosted on Customer Infrastructure only.||Yes, only the integration part of the code.||SymphonyAI Summit may accept any reported security incident for the external views created by SymphonyAI Summit SOPs. Any other Security concerns need to be addressed by the Customer/Vendor or its Security representatives.||Microsoft SCCM|
|PowerBI||Reporting||PowerBI connectors are developed to create custom visualizations for customers carrying Power BI Licenses||Report Power BI Connector||API||API is bundled along with the product.||Yes, only the integration/API part of the code.|| SymphonyAI Summit accepts the reported security incidents on the API. Customer carries the PowerBI License and can report any powerbi related security issues on PowerBI Portal.||PowerBI Security Whitepaper.||PowerBI|