Why We’re Letting 60,000 Bugcrowd Security Researchers Ethically Hack Us

Atlassian has launched its first public bug bounty program, expanding existing programs for Trello and StatusPage to include JIRA and Confluence Cloud, with plans to add more products in the future. The new program uses Bugcrowd, a provider of crowd-sourced security testing, to provide nearly 60,000 external cybersecurity researchers to test Atlassian's products. These researchers use well-defined guidelines to perform their research, which is then shared through a standardized reporting mechanism and triaged by Bugcrowd's application security engineering team.