Atlassian

At the core of our approach to security bug management is our bug bounty program which ensures that our products are being constantly tested for security vulnerabilities. In a truly agile development environment with frequent releases, continuous testing is a necessity. We believe the crowd of independent security researchers participating in our bug bounty provides the most effective external security testing process and way of achieving this.

Over 25 of our products or environments, ranging from our server products, mobile apps and Cloud products are in-scope for our bug bounty program, with over 500 testers registered. Details of the number of vulnerabilities reported, our average response time, and average payout, are all included within our Bug Bounty program.