Case Study: Atlassian strengthens Marketplace security with Bugcrowd

Bugcrowd’s custom program for Atlassian Marketplace

Atlassian, the software company behind the Atlassian Marketplace, needed a way to better protect its growing ecosystem of third-party apps and meet new privacy and security badge requirements. As the marketplace expanded, its standard web app testing approach wasn’t enough to cover the edge cases and risks across thousands of partner applications, creating security and reputational challenges. Atlassian turned to Bugcrowd’s pen test as a service and long-running bug bounty partnership for help.

Bugcrowd and Atlassian implemented quarterly bespoke methodology assessments tailored to Marketplace apps, with researchers testing high-risk partner applications using jointly defined criteria. Bugcrowd delivered findings in real time and provided a full report within nine weeks. Over ten weeks, Bugcrowd uncovered 116 vulnerabilities, including 21% classified as critical or high severity, helping Atlassian and its partners quickly remediate issues and strengthen trust in the Marketplace ecosystem.

Atlassian

Vladimir Yastreboff

Senior Manager, Security