Menu
Atlassian offers up to US$3000 per bug in new bounty program

Atlassian offers up to US$3000 per bug in new bounty program

Partners up with Bugcrowd

Atlassian founders Mike Cannon-Brookes and Scott Farquhar

Atlassian founders Mike Cannon-Brookes and Scott Farquhar

Atlassian is set to offer security researchers up to US$3000 ($3906) per bug in its very first bug bounty program to be run through Bugcrowd.

Bugcrowd, a crowdsourced security testing firm, will tap into its community of nearly 60,000 cybersecurity researchers for continuous testing of Atlassian’s collaboration tools.

The testing will begin with Atlassian's JIRA and Confluence cloud products, with plans to expand the scope to additional Atlassian cloud and server products in the months to come.

Financial rewards with be dished out to security researchers for each bug identified, depending on the impact and severity of the vulnerabilities identified on its JIRA and Confluence platforms.

This news follows the integration of Bugcrowd's Crowdcontrol platform and JIRA to improve the application security workflow from start to finish, and the success of Atlassian’s private bug bounty program.

Atlassian expects the partnership with Bugcrowd to reinforce the security of the company's products and strengthen its vulnerability management program.

"The economics of bug bounties are too overwhelming to ignore," Atlassian head of security, Daniel Grzelak, said.

"Our traditional application security practice produces great results… but the breadth and depth of post-implementation assurance provided by the crowd completes the secure development lifecycle. Multiplying the specialisation of a single bounty hunter by the size of the crowd creates a capability that just can't be replicated by individual organisations."

Bugcrowd founder and CEO, Casey Ellis, mentioned that expanding its bug bounty program enables Atlassian to tap into the security researcher community to help keep its products and customers secure.

"Organisations worldwide trust the productivity of their teams to Atlassian," Ellis said.

“By demonstrating its security posture, Atlassian is not only instilling confidence in the security of its products, it’s upholding one of the company's core values: transparency, and demonstrating a position of true leadership when it comes to the security of their customers,” he added.

The launch of the bug bounty program follows the discovery of a vulnerability on a third-party library that affected Atlassian’s HipChat team chat platform.  

Atlassian’s chief security officer, Ganesh Krishan, sent an email to users on 25 April, revealing that the company’s security intelligence team had detected an incident affecting the platform, that may have resulted in unauthorised access to some user account information.

The company then prompted a mass password reset for the company’s services not long after.

Atlassian also recently launched a new package of offerings for the enterprise market for easier products and services bundling for partners and customers and automation enhancements to its code management and continuous integration platforms.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags atlassianBug Bounty ProgramBugcrowd

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments