What did we talk about?
- US Cybersecurity Agency urges users to patch Confluence
- Updates to Atlassian's Ecosystem Security Bug Bounty Programs
- Atlassian World Heart Day Fundraiser
- Seeking customer interviews: Program/Portfolio managers & Delivery leads who plan above epic level
- Jexo Partner Program Launch
- 📚 Article of the week: 10 lessons on using the flywheel effect to grow your business
Watch the video here 👇
Or listen to our podcast 🎧
US Cybersecurity Agency urges users to patch Confluence
On Friday the US Cybersecurity Agency tweeted an alert urging Confluence Server admins to patch and upgrade Confluence to the latest version. The tweet mentioned not to wait until after the weekend as attackers are actively exploiting a code execution vulnerability discovered in a prior version.
The critical issue found in Confluence versions listed on the ticket was made public on the 25th of August, advising users to patch as soon as possible.
This vulnerability enables attackers to execute code remotely without authenticating. If you're on Confluence Server, ask your admin to check the version you're on and patch ASAP if on any of the affected versions.
Updates to Atlassian's Ecosystem Security Bug Bounty Programs
There are two Atlassian bug bounty programs that went public starting on 1st September, which means they'll now accept submissions from all Bugcrowd researchers.
Just a reminder Bugcrowd is a security platform where researchers from across the world can go, test apps, and submit potential security vulnerabilities.
There are many Atlassian security programs, for example, one of them is the Marketplace Security Bug Bounty Program for Atlassian Marketplace partners like us. As of today, there are 134 Marketplace programs and partners who participate receive the Security badge in their marketplace listing. By checking these badges on the listing you can see if the app is enrolled in such a program and how much they care about security.
The two programs that are going public are Atlassian Marketplace Vulnerability Disclosure Program and Atlassian-Built Apps Bug Bounty Program. The Atlassian Marketplace Vulnerability Disclosure Program is focused on the cloud apps published by partners and developers on the Atlassian Marketplace. On the other hand, Atlassian-Built Apps Bug Bounty Program is focusing specifically on apps build by Atlassian themselves. It's also formerly known as Atlassian Ecosystem Program.
Atlassian World Heart Day Fundraiser
This month on the 29th of September is the official World Heart Day. The World Heart Federation established this international holiday to inform people around the globe about the rising issue of heart disease and stroke. Cardiovascular disease is the number one cause of death, and World Heart Day is meant to help inform and highlight actions to prevent and control.
To bring awareness and help contribute to the cause, Atlassian has partnered with the American Heart Association to raise funds to go towards helping combat heart disease and stroke. You can help by donating on the page created by Atlassian on benevity.org, and Atlassian and the AHA Foundation will triple each donation.
Seeking customer interviews: Program/Portfolio managers & Delivery leads who plan above epic level
If you're a program or portfolio manager or delivery lead who has a need to track work in Jira above Epics in Jira then don't miss this opportunity to speak to the Atlassian team. Atlassian wants to understand better any challenges related to customizing the hierarchy in Jira.
You can sign up for a 1-hour customer interview where you'll talk about structure in your projects or organization and as a reward, there is 100$ gift card.
There isn't any sign-up form but you can leave the comment in the community post and the Atlassian team will get back to you.
Jexo Partner Program Launch
Last week Jexo officially launched its Partner Program, which means we're open to collaborating with Solution Partners as well as Marketplace Partners. So far Jexo have partnered with Ascend Integrated, e-Core, and Jodocus, and we're going to communicate a bit more about each individual collaboration in the upcoming weeks.
Subscribe to Jexo's youtube channel for insightful live streams where we talk to our partners in a format called Jexo with Friends.
Our partnership program is heavily focused on marketing, and we have some great initiatives and perks for partners. So if you're interested, reach out using our dedicated page, and I can tell you more about it.
📚 Article of the week: 10 lessons on using the flywheel effect to grow your business
In this article, you'll learn how Atlassian achieved its growth over the years, and gives you 10 key tips that you should consider if you don't practice them already! The flywheel model is based on the book "Good to Great".
When practicing the flywheel model you should build a bunch of small wins that you can interpret as flywheels to gain momentum and then apply forces to go faster. The more flywheels you get, the fewer forces you need to speed things up. For example flywheels in your business are SEO, social media presence, self-serve purchases and the forces are a freemium model or improving customer and product experience.