BigBrassBand markets two types of applications on the Atlassian Marketplace:
The following applies only to our Cloud products:
Security bug bounty program
The BigBrassBand Bug Bounty Program is hosted on Bugcrowd, a SaaS platform built to crowdsource vulnerability discovery from a global pool of talented security researchers. This on-going program invites security researchers to test for vulnerabilities and get rewarded for their findings. See report below.
When a critical severity security vulnerability in a BigBrassBand product is discovered and resolved, BigBrassBand will inform customers through the following mechanisms:
Earlier this year (2020), BigBrassBand LLC has joined the Atlassian Marketplace Bug Bounty program.
When a critical security issue is discovered or reported, BigBrassBand will include the fix in the next scheduled maintenance release.
Customers should upgrade to a newer version in order to fix the vulnerability.