A bug bounty program is one of the most powerful post-production tools you can implement to help detect vulnerabilities in your applications and services. Crowdsourcing vulnerability discovery augments the skills of your team by providing access to a skilled pool of security researchers.
The Atlassian Marketplace Bug Bounty Program is hosted on Bugcrowd, a SaaS platform built to crowdsource vulnerability discovery from a global pool of talented security researchers. Marketplace Partners who join this program allow the security researchers to test their applications for security vulnerabilities who are then rewarded based on severity of the vulnerability discovered. The result is a cost efficient solution for Marketplace Partners to discover and fix vulnerabilities in their apps on an ongoing basis which results in more secure apps for customers.
Marketplace apps that are currently participating in the Marketplace Bug Bounty Program are identifiable by the security badge on their Marketplace app listing. For more information on how the Marketplace Bug Bounty Program is run, please review the information on our Developer page.