anaplan

How it'll appear as a card

How it'll appear as a web page at github.com/customer-stories/anaplan

anaplan
anaplan logo
Customer story

Anaplan & GitHub

Anaplan helps businesses make smart, data driven decisions with advanced modeling software. With a focus on speed, flexibility, and integrity, Anaplan supports planning at more than 500 companies—helping them stay nimble, discover opportunities, and plan for their futures.

Behind its smart platform is a huge amount of data. Anaplan developers need to create a platform that’s both flexible enough to make that data meaningful to businesses across industries, while ensuring that data is secure enough to keep it private. To help their teams build a flexible, forward-thinking platform, Anaplan uses GitHub Enterprise.

A common language for developers

With 150 developers and counting, Anaplan’s team is growing fast. Onboarding can be challenging for a team that welcomes new hires every week, but providing them with tools they already know makes the process easier. Because we use GitHub, being new isn’t a barrier to getting people up and running, says Release Manager Jon Sandles.

Anaplan’s current developers also welcomed the change from bespoke Jenkins scripts to a more flexible branch-based workflow. Even before they started using GitHub, many Anaplan developers were comfortable using branches, pull requests, and the Git flow to work together. Those who had not used GitHub got up to speed during a gradual adoption. Jon adds, As we rolled GitHub out, developers who weren’t familiar with it could see projects and learn from them as they went—it wasn’t a surprise at the end.

A new standard for compliance

It takes a lot of data to create effective, accurate models and predictions. Anaplan customers trust Anaplan to store sensitive financial plans in its own data centers. As a result, the company has rigorous compliance and security requirements in place to ensure the safety and privacy of regulated financial data. Compliance is a very big deal, says Jon, and we built a lot of tooling to make sure we’re bulletproof.

As we rolled GitHub out, developers who weren’t familiar with it could see projects and learn from them as they went—it wasn’t a surprise at the end.

Anaplan employees

How Anaplan stays compliant

Despite the stringent security requirements, GitHub helps keep the team transparent, and facilitates teamwork while keeping their work audit-ready. All commits are tagged with JIRA IDs that link everything together, including all of our developer tools, says Jon. GitHub has made a huge impact on compliance, while helping us become more transparent.

GitHub has made a huge impact on compliance, while helping us become more transparent.

How do they do all of this?

At the heart of the Anaplan build and deployments pipelines are a set of automated tools that leverage the GitHub Enterprise API to regularly query and poll, and produce reports and alerts across all repositories. These keep the product team abreast of what is going on by emailing developers, creating reports in confluence, and updating JIRA and slack channels.

Product managers are informed if code is checked into the wrong repos against incorrect JIRA projects. Engineers are kept informed if pull requests are left open for too long. Code is scanned continuously by tools like Sonar and Checkmarx. Deployment scripts (e.g., Chef scripts) is also treated the same way. Everything that goes to production follows the same pipelines.

At any point in time, and specifically towards production deployment, the release and program management team are fully up to date on code base compliance and readiness.

  • industry

    Information technology

  • company size

    500+

  • location

    San Francisco, Paris, London, York

Bring GitHub to work

From flexible hosting to data‐powered security, get everything your team needs to build at their best.

Contact sales

How Anaplan stays compliant with GitHub

  • Protected branches

    Ensure code that processes data comes from a known source and gets reviewed.

  • Hard tokens

    Keep access tightly controlled by using two-factor authentication with hard tokens behind a VPN.

  • JIRA integration

    Attach all pull requests and commit comments to JIRA IDs that document whether changes are approved and tested.