Press Release

Bugcrowd Launches Public Bug Bounty Program for Atlassian


SAN FRANCISCO – July 12, 2017 – Bugcrowd, the leader in crowdsourced security testing, today announced the launch of a public bug bounty program for Atlassian Corporation (NASDAQ:TEAM), the leading provider of team collaboration and productivity software. Following the the success of Atlassian’s private program, Atlassian is now launching a public program that will reinforce the security of the company’s products and strengthen its vulnerability management program. The bounty program will leverage the full scope of Bugcrowd’s nearly 60,000 cybersecurity researchers for continuous testing of the company’s collaboration tools, beginning with its JIRA and Confluence cloud products, with plans to expand the scope to additional Atlassian Cloud and Server products in the months to come. This news follows an integration between Bugcrowd’s Crowdcontrol platform and JIRA to improve the application security workflow from start to finish.

Atlassian will start by rewarding security researchers up to $3,000 USD per bug identified depending on impact and severity of vulnerabilities identified on its JIRA and Confluence products.

“The economics of bug bounties are too overwhelming to ignore,” said Daniel Grzelak, Head of Security, Atlassian. “Our traditional application security practice produces great results early in the lifecycle and deep in our services,  but the breadth and depth of post-implementation assurance provided by the crowd really completes the secure development lifecycle. Multiplying the specialization of a single bounty hunter by the size of the crowd creates a capability that just can’t be replicated by individual organizations.”

Atlassian believes that collaboration is fundamental to any software or business team’s success, and leveraging the power of the crowd for security testing is a natural extension of this. Bugcrowd’s enterprise-grade platform connects organizations with a curated crowd of tens of thousands of researchers for speedy identification and remediation of critical vulnerabilities, while its specialized team manages programs every step of the way to ensure organizations of any size realize true value and success from their crowdsourced security program.

“Organizations worldwide trust the productivity of their teams to Atlassian,” said Casey Ellis, CEO and founder of Bugcrowd. “By expanding their bug bounty program, Atlassian is tapping the world’s best security researcher community to help keep their products and customers secure. By demonstrating their security posture, Atlassian is not only instilling confidence in the security of their products, they’re upholding one of the company’s core values: Transparency, and demonstrating a position of true leadership when it comes to the security of their customers.”

Bugcrowd architects security expertise into the design, support and management of every program. Companies like Mastercard, TripAdvisor, Pinterest, Motorola, FitBit, Western Union, NETGEAR, OWASP and Fiat Chrysler of America rely on this level of service to optimize the success of their bug bounty programs. To learn more about why some of the biggest brands in the world rely on crowdsourced security, visit www.bugcrowd.com.

To learn more about Atlassian’s public bug bounty program or to participate, visit bugcrowd.com/atlassian.

Additional Resources:

About Bugcrowd

Bugcrowd delivers the ultimate in security assessment for the enterprise. The pioneer and innovator in crowdsourced security testing for the enterprise, Bugcrowd combines the power of more than 60,000 security researchers and its proprietary Crowdcontrol platform to surface critical software vulnerabilities, and level the cybersecurity playing field. Bugcrowd provides a range of public, private, and on-demand options that allow companies to commission a customized security testing program to fit their specific needs.  Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures and Salesforce Ventures. Bugcrowd is a trademark of Bugcrowd, Inc. Learn more at www.bugcrowd.com.