Sync Poker - Planning & Estimation

Do Async •

95 installs, since August 16, 2023. 4 installs/month. Updated March 24, 2024.

Free No touch

Software development Collaboration Productivity & efficiency

View on Marketplace

Planning Poker for estimating your backlog for collocated, distributed, and remote teams.

🃏 Sync Poker for monday.com is a consensus-based, gamified agile estimating and planning application. It utilizes a technique called Planning Poker, also known as Scrum Poker.

Sync Poker for monday.com suits various teams, such as collocated, distributed, hybrid, or remote Agile teams. It increases the accuracy 🎯 of estimations, team collaboration, transparency, and fairness.

With Sync Poker, you can be sure you get the following:

🧑‍🤝‍🧑 Collaboration. Prepare a game ahead of the estimation meeting and allow all participants to add items.
🎢 Real-time. All estimates are given in an interactive synchronous way.
🏹 Unbiased voting. Each member provides the estimate based on their understanding in private.
⚙️ Suits for any project. You only need a numeric column for storing estimation results.

If you are more interested in more time-efficient asynchronous estimation, check our Async Poker app out.

Security & Compliance

Security

Does the developer periodically perform penetration testing?

Not answered

Does the developer have a dedicated security and privacy point of contact for such issues or questions?

Not answered

Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?

Yes

There is no possibility for users to share a link on somehow make our app to redirect a user somewhere.

Does the app protect against mass parameter assignment attacks?

Yes

We only allow parameters that are described in our input types.

Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?

Yes

We sanitize user's input with https://github.com/apostrophecms/sanitize-html And we have set up WAF rules on cloudflare.

Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?

Yes

We do not use cookies for session and authentication. We use monday SDK seamless authentication.

Does the developer have mechanisms to notify monday.com in case of a security breach?

Yes

We notify monday.com by sending an email to [email protected] as soon we identify a breach.

Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?

Yes

Database and hosting updates and security patches: We use Heroku, and all patches are handled by heroku. Security patches to the application: We host our code on github and use dependabot. Dependabot creates a new pull request whenever there is a new security update. We check the update and deploy the app.

Compliance

Is the app certified with the information security standard ISO/IEC 27001:2022?

Not answered

Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?

Not answered

Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?

Not answered

Is the app compliant with the General Data Protection Regulation (GDPR)?

Not answered

Data

Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).

Not answered

Where does the app store logs data?

Not answered

Where does the app store the app data?

Not answered

Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?

Yes

Firs of all we ensure that app does not log sensitive and secret data. We use Datadog for logging and we enabled Sensitive Data Scanner and applied a rule to redact sensitive data if found

Is customer data segregated from the data of other customers (for example logically or physically)?

It's a classical multi-tenan application. We have logical separation by account_id that we receive with JWT token

Privacy

Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?

Yes

That's a rule. MFA is enforced an all services which allow to do that.

Does the developer protect access to customer data based on the principle of least privilege?

Yes

Only me

Reviews

No reviews yet.

Installation history

We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.

ID: 10000277 • App ID: 10089317 • Listing updated: October 13, 2024

{
  "id": 10000277,
  "description": "<p>🃏&nbsp;<strong>Sync Poker for monday.com&nbsp;</strong>is a consensus-based, gamified agile estimating and planning application. It utilizes a technique called&nbsp;<strong>Planning Poker,&nbsp;</strong>also known as&nbsp;<strong>Scrum Poker</strong>.</p><p><br></p><p><strong>Sync Poker for monday.com&nbsp;</strong>suits various teams, such as collocated, distributed, hybrid, or remote Agile teams. It increases the accuracy 🎯 of estimations, team collaboration, transparency, and fairness.</p><p><br></p><p>With&nbsp;<strong>Sync Poker,&nbsp;</strong>you can be sure you get the following:</p><ul><li>🧑‍🤝‍🧑&nbsp;<strong>Collaboration.&nbsp;</strong>Prepare a game ahead of the estimation meeting and allow all participants to add items.</li><li>🎢&nbsp;<strong>Real-time.&nbsp;</strong>All estimates are given in an interactive synchronous way.</li><li>🏹&nbsp;<strong>Unbiased voting.&nbsp;</strong>Each member provides the estimate based on their understanding in private.</li><li>⚙️&nbsp;<strong>Suits for any project.&nbsp;</strong>You only need a numeric column for storing estimation results.</li></ul><p><br></p><p>If you are more interested in more&nbsp;<a href=\"https://doasync.com/blog/async-poker-vs-planning-poker/\" rel=\"noopener noreferrer\" target=\"_blank\">time-efficient asynchronous estimation</a>, check our&nbsp;<a href=\"https://monday.com/marketplace/10000119\" rel=\"noopener noreferrer\" target=\"_blank\"><strong>Async Poker</strong></a>&nbsp;app out.</p>",
  "short_description": "Planning Poker for estimating your backlog for collocated, distributed, and remote teams.",
  "compliance_answers": [
    {
      "questionId": 1,
      "shortAnswer": false,
      "detailedAnswer": "It's a classical multi-tenan application. We have logical separation by account_id that we receive with JWT token"
    },
    {
      "questionId": 2,
      "shortAnswer": true,
      "detailedAnswer": "Database and hosting updates and security patches: \nWe use Heroku, and all patches are handled by heroku.\n\nSecurity patches to the application: We host our code on github and use dependabot. Dependabot creates a new pull request whenever there is a new security update. We check the update and deploy the app."
    },
    {
      "questionId": 3,
      "shortAnswer": true,
      "detailedAnswer": "We notify monday.com by sending an email to [email protected] as soon we identify a breach."
    },
    {
      "questionId": 4,
      "shortAnswer": true,
      "detailedAnswer": "We do not use cookies for session and authentication. We use monday SDK seamless authentication."
    },
    {
      "questionId": 5,
      "shortAnswer": true,
      "detailedAnswer": "We sanitize user's input with https://github.com/apostrophecms/sanitize-html\n\nAnd we have set up WAF rules on cloudflare."
    },
    {
      "questionId": 6,
      "shortAnswer": true,
      "detailedAnswer": "Only me"
    },
    {
      "questionId": 7,
      "shortAnswer": true,
      "detailedAnswer": "That's a rule. MFA is enforced an all services which allow to do that."
    },
    {
      "questionId": 8,
      "shortAnswer": true,
      "detailedAnswer": "Firs of all we ensure that app does not log sensitive and secret data. We use Datadog for logging and we enabled Sensitive Data Scanner and applied a rule to redact sensitive data if found"
    },
    {
      "questionId": 9,
      "shortAnswer": true,
      "detailedAnswer": "We only allow parameters that are described in our input types."
    },
    {
      "questionId": 10,
      "shortAnswer": true,
      "detailedAnswer": "There is no possibility for users to share a link on somehow make our app to redirect a user somewhere."
    }
  ],
  "badges_data": {
    "pricing_data": "Free",
    "acquisition_source": "No touch",
    "app_values": [
      "Popular with Dev users"
    ]
  },
  "data": {
    "terms_of_service_url": "https://doasync.com/terms/"
  },
  "keywords": "planning,\n poker,\n estimation,\n, estimate,\n backlog",
  "thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1692177559/monday-apps-marketplace/Do%20Async/card-image_1.png",
  "logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1692177571/monday-apps-marketplace/Do%20Async/Sync_Poker_Icon.png",
  "feedback_url": "[email protected]",
  "privacy_policy_url": "https://doasync.com/privacy-policy/",
  "external_pricing_url": null,
  "featured": null,
  "security": null,
  "display_in_template_store": null,
  "acquisition_source": "No touch",
  "terms_of_service_url": "https://doasync.com/terms/",
  "label": null,
  "app_values": [
    "Popular with Dev users"
  ],
  "security_info": null,
  "gallery_assets": [
    {
      "url": "https://dapulse-res.cloudinary.com/video/upload/v1694421501/monday-apps-marketplace/Do%20Async/Sync_Poker_v2.mp4",
      "type": "video"
    },
    {
      "url": "https://dapulse-res.cloudinary.com/image/upload/v1692177560/monday-apps-marketplace/Do%20Async/Gallery-Image-01.png"
    },
    {
      "url": "https://dapulse-res.cloudinary.com/image/upload/v1692177566/monday-apps-marketplace/Do%20Async/Gallery-Image-02.png"
    },
    {
      "url": "https://dapulse-res.cloudinary.com/image/upload/v1692177563/monday-apps-marketplace/Do%20Async/Gallery-Image-03.png"
    },
    {
      "url": "https://dapulse-res.cloudinary.com/image/upload/v1692177569/monday-apps-marketplace/Do%20Async/Gallery-Image-04.png"
    }
  ],
  "pricing_data": "Free",
  "marketplace_developer_id": 10000058,
  "app_id": 10089317,
  "marketplace_category_ids": [
    10000000,
    8,
    6
  ],
  "name": "Sync Poker - Planning & Estimation",
  "app_scope_str": "boards:write,boards:read,users:read,account:read,notifications:write,teams:read,updates:read",
  "app_client_id": "77d6697842974d5c0534750cf449c6e4",
  "app_color": {
    "hsl": {
      "h": 0,
      "s": 0,
      "l": 1,
      "a": 1
    },
    "hex": "#ffffff",
    "rgb": {
      "r": 255,
      "g": 255,
      "b": 255,
      "a": 1
    },
    "hsv": {
      "h": 0,
      "s": 0,
      "v": 1,
      "a": 1
    },
    "oldHue": 0,
    "source": "rgb"
  },
  "created_at": "2023-08-16T09:11:57.548Z",
  "updated_at": "2024-10-13T08:07:37.756Z",
  "how_to_use_url": "https://doasync.com/monday/sync-poker",
  "automation_app_id": null,
  "plans": null,
  "featured_for_categories_ids": [],
  "pinned_for_categories_ids": [],
  "pricing_model": null,
  "app_type": "app",
  "display": null,
  "is_connector": null,
  "google_analytics_tag_id": null,
  "app_live_version": {
    "updated_at": "2024-03-24T08:51:45Z",
    "id": 10152583
  },
  "is_solution": null,
  "available_for_tiers": null,
  "available_for_products": null
}

Sync Poker - Planning & Estimation

Planning Poker for estimating your backlog for collocated, distributed, and remote teams.

Security & Compliance

Security

Compliance

Data

Privacy

Reviews

Installation history

Table of Contents