SlideShare a Scribd company logo

AtlasCamp 2014: Connect Security

Atlassian
Atlassian

This document summarizes a talk on Connect security given by Peter Brownlow from Atlassian. It discusses authentication using JSON Web Tokens (JWT) to verify who sent a message, as well as authorization to control what users are allowed to do through scopes and dynamic permissions. Some potential areas of improvement mentioned include enhancing JWT security with header and body hashes, improving usability of JWT expirations, and implementing three-legged OAuth flows between applications and servers. The talk emphasized balancing security with usability according to Atlassian's value of not upsetting customers.

TechnologyBusiness
1 of 33
Download to read offline
June 3-5, 2014 | Berlin, Germany
Peter Brownlow, Senior Java Developer, Atlassian Connect Security
Connect add-ons 3.500 installs from Marketplace
in-process plugins 1.500.000 installs from Marketplace
grow 500x tension between security & usability overtake in-process plugins
Don’t #@!% the customer. - Atlassian value ” “
Questions Sneak Peeks Authorization Authentication Connect Security
Authentication who said that? ”“
Who sent the letter? sender signature
Was the letter tampered with? !!! tampering “looks wrong”
Was the letter re-sent? too long ago? postmark
JSON Web Tokens host product add-on params, token params, token e.g. https://mycompany.com/awsome?user.key=peter&jwt=… also “Authorization” HTTP header
JSON Web Tokens • structured • header JSON • claims JSON • signature • base-64 encoded {“typ":"JWT", “alg":"HS256"} .
 {“iss”:"myId", “exp":1300819380} .
 “signature” eyJ0eXAiOi12KL98udNfg8z…
JSON Web Tokens Letter ! • sender • signature • changes “look wrong” • postmark date JWT ! • issuer claim • cryptographic signature • signature, query hash claim • expiry claim
Questions Sneak Peeks Authorization Authentication Connect Security
Authorization can you do that? ”“
Authorization Scopes: compare to white-list Who can see the aliens? generals interns
Authorization
Authorization “How did that guy get in here?” How to avoid “security surprise”? Scopes displayed on installation !!!
Authorization
Authorization Personal access changes arbitrarily. Add-on user permissions How to accurately allow access?
Authorization
Authorization
Questions Sneak Peeks Authorization Authentication Connect Security
Sneak Peeks ideas in motion ”“
• Headers hash • Body hash More Custom JWT Claims?
• User loads page • Goes to lunch • Comes back, clicks link… • Expired! • Secure! But less usable. JWT expiry improvements • On click: no expiry • JavaScript API?
• Act as a specified user • Authorized by users • Server to server • 3LA Granted? • Query parameters • REST resource Three Legged Auth
Recap • Authentication • Who said that? • JWT claims • JWT signature • Authorization • Can you do that? • Scopes (static) • User permissions (dynamic)
Questions Sneak Peeks Authorization Authentication Connect Security
Questions? go.atlassian.com/ac-security

Recommended

AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlassian
 
AtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for ConfluenceAtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for ConfluenceAtlassian
 
AtlasCamp 2014: Building a Connect Add-on With Your Own Stack
AtlasCamp 2014: Building a Connect Add-on With Your Own StackAtlasCamp 2014: Building a Connect Add-on With Your Own Stack
AtlasCamp 2014: Building a Connect Add-on With Your Own StackAtlassian
 
What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?Derek Edwards
 
Browser Security 101
Browser Security 101 Browser Security 101
Browser Security 101 Stormpath
 
AOEconf17: Application Security - Bastian Ike
AOEconf17: Application Security - Bastian IkeAOEconf17: Application Security - Bastian Ike
AOEconf17: Application Security - Bastian IkeAOE
 
Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWTTuyen Vuong
 
Securing Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationSecuring Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationStormpath
 

Recommended

AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlassian
 
AtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for ConfluenceAtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for ConfluenceAtlassian
 
AtlasCamp 2014: Building a Connect Add-on With Your Own Stack
AtlasCamp 2014: Building a Connect Add-on With Your Own StackAtlasCamp 2014: Building a Connect Add-on With Your Own Stack
AtlasCamp 2014: Building a Connect Add-on With Your Own StackAtlassian
 
What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?Derek Edwards
 
Browser Security 101
Browser Security 101 Browser Security 101
Browser Security 101 Stormpath
 
AOEconf17: Application Security - Bastian Ike
AOEconf17: Application Security - Bastian IkeAOEconf17: Application Security - Bastian Ike
AOEconf17: Application Security - Bastian IkeAOE
 
Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWTTuyen Vuong
 
Securing Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationSecuring Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationStormpath
 
Securing Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based AuthenticationSecuring Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based AuthenticationStefan Achtsnit
 
Scout xss csrf_security_presentation_chicago
Scout xss csrf_security_presentation_chicagoScout xss csrf_security_presentation_chicago
Scout xss csrf_security_presentation_chicagoknaddison
 
Javaee7 jsr356-websocket
Javaee7 jsr356-websocketJavaee7 jsr356-websocket
Javaee7 jsr356-websocketJini Lee
 
Serverless security: attack & defense
Serverless security: attack & defense Serverless security: attack & defense
Serverless security: attack & defenseSecuRing
 
Sqlviking
SqlvikingSqlviking
SqlvikingJonn Callahan
 
Webinar: Securing your data - Mitigating the risks with MongoDB
Webinar: Securing your data - Mitigating the risks with MongoDBWebinar: Securing your data - Mitigating the risks with MongoDB
Webinar: Securing your data - Mitigating the risks with MongoDBMongoDB
 
W3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesW3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesBrad Hill
 
PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)iMasters
 
Intro to WebSockets
Intro to WebSocketsIntro to WebSockets
Intro to WebSocketsGaurav Oberoi
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Stormpath
 
WS-* with WCF
WS-* with WCFWS-* with WCF
WS-* with WCFppcanodehuelva
 
«How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga «How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga 0xdec0de
 
BeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruBeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruMichele Orru
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorizationGiulio De Donato
 
Webinar slides "Building Real-Time Collaborative Web Applications"
Webinar slides "Building Real-Time Collaborative Web Applications"Webinar slides "Building Real-Time Collaborative Web Applications"
Webinar slides "Building Real-Time Collaborative Web Applications"Sachin Katariya
 
Security asp.net application
Security asp.net applicationSecurity asp.net application
Security asp.net applicationZAIYAUL HAQUE
 
WEB SOCKET 應用
WEB SOCKET 應用WEB SOCKET 應用
WEB SOCKET 應用Jerromy Lee
 
J web socket
J web socketJ web socket
J web socketHiroshi Ochi
 
Android webservices
Android webservicesAndroid webservices
Android webservicesKrazy Koder
 
Dom based xss
Dom based xssDom based xss
Dom based xssLê Giáp
 
MongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB
 
Spa Secure Coding Guide
Spa Secure Coding GuideSpa Secure Coding Guide
Spa Secure Coding GuideGeoffrey Vandiest
 

More Related Content

What's hot

Securing Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based AuthenticationSecuring Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based AuthenticationStefan Achtsnit
 
Scout xss csrf_security_presentation_chicago
Scout xss csrf_security_presentation_chicagoScout xss csrf_security_presentation_chicago
Scout xss csrf_security_presentation_chicagoknaddison
 
Javaee7 jsr356-websocket
Javaee7 jsr356-websocketJavaee7 jsr356-websocket
Javaee7 jsr356-websocketJini Lee
 
Serverless security: attack & defense
Serverless security: attack & defense Serverless security: attack & defense
Serverless security: attack & defenseSecuRing
 
Webinar: Securing your data - Mitigating the risks with MongoDB
Webinar: Securing your data - Mitigating the risks with MongoDBWebinar: Securing your data - Mitigating the risks with MongoDB
Webinar: Securing your data - Mitigating the risks with MongoDBMongoDB
 
W3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesW3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesBrad Hill
 
PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)iMasters
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Stormpath
 
«How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga «How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga 0xdec0de
 
BeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruBeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruMichele Orru
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorizationGiulio De Donato
 
Webinar slides "Building Real-Time Collaborative Web Applications"
Webinar slides "Building Real-Time Collaborative Web Applications"Webinar slides "Building Real-Time Collaborative Web Applications"
Webinar slides "Building Real-Time Collaborative Web Applications"Sachin Katariya
 
Security asp.net application
Security asp.net applicationSecurity asp.net application
Security asp.net applicationZAIYAUL HAQUE
 
WEB SOCKET 應用
WEB SOCKET 應用WEB SOCKET 應用
WEB SOCKET 應用Jerromy Lee
 
Android webservices
Android webservicesAndroid webservices
Android webservicesKrazy Koder
 
Dom based xss
Dom based xssDom based xss
Dom based xssLê Giáp
 

What's hot (20)

Securing Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based AuthenticationSecuring Single Page Applications with Token Based Authentication
Securing Single Page Applications with Token Based Authentication
 
Scout xss csrf_security_presentation_chicago
Scout xss csrf_security_presentation_chicagoScout xss csrf_security_presentation_chicago
Scout xss csrf_security_presentation_chicago
 
Javaee7 jsr356-websocket
Javaee7 jsr356-websocketJavaee7 jsr356-websocket
Javaee7 jsr356-websocket
 
Serverless security: attack & defense
Serverless security: attack & defense Serverless security: attack & defense
Serverless security: attack & defense
 
Sqlviking
SqlvikingSqlviking
Sqlviking
 
Webinar: Securing your data - Mitigating the risks with MongoDB
Webinar: Securing your data - Mitigating the risks with MongoDBWebinar: Securing your data - Mitigating the risks with MongoDB
Webinar: Securing your data - Mitigating the risks with MongoDB
 
W3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesW3 conf hill-html5-security-realities
W3 conf hill-html5-security-realities
 
PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)
 
Intro to WebSockets
Intro to WebSocketsIntro to WebSockets
Intro to WebSockets
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101
 
WS-* with WCF
WS-* with WCFWS-* with WCF
WS-* with WCF
 
«How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga «How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga
 
BeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruBeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-Orru
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorization
 
Webinar slides "Building Real-Time Collaborative Web Applications"
Webinar slides "Building Real-Time Collaborative Web Applications"Webinar slides "Building Real-Time Collaborative Web Applications"
Webinar slides "Building Real-Time Collaborative Web Applications"
 
Security asp.net application
Security asp.net applicationSecurity asp.net application
Security asp.net application
 
WEB SOCKET 應用
WEB SOCKET 應用WEB SOCKET 應用
WEB SOCKET 應用
 
J web socket
J web socketJ web socket
J web socket
 
Android webservices
Android webservicesAndroid webservices
Android webservices
 
Dom based xss
Dom based xssDom based xss
Dom based xss
 

Similar to AtlasCamp 2014: Connect Security

MongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB
 
Devbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityDevbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityMichael Coates
 
Secure software development presentation
Secure software development presentationSecure software development presentation
Secure software development presentationMahdi Dolati
 
Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)Stormpath
 
Identity, Security and XML Web Services
Identity, Security and XML Web ServicesIdentity, Security and XML Web Services
Identity, Security and XML Web ServicesJorgen Thelin
 
2018 JavaLand Deconstructing and Evolving REST Security
2018 JavaLand Deconstructing and Evolving REST Security2018 JavaLand Deconstructing and Evolving REST Security
2018 JavaLand Deconstructing and Evolving REST SecurityDavid Blevins
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudDanny Jessee
 
WSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API ArchitecturesWSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API ArchitecturesWSO2
 
Input validation errors
Input validation errorsInput validation errors
Input validation errorsmanoharparakh
 
The bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2CThe bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2CAnton Staykov
 
Getting Started With WebAuthn
Getting Started With WebAuthnGetting Started With WebAuthn
Getting Started With WebAuthnFIDO Alliance
 
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat Security Conference
 
Token Authentication for Java Applications
Token Authentication for Java ApplicationsToken Authentication for Java Applications
Token Authentication for Java ApplicationsStormpath
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security NinjaPaul Gilzow
 
Deploying your static web app to the Cloud
Deploying your static web app to the CloudDeploying your static web app to the Cloud
Deploying your static web app to the CloudChristoffer Noring
 
MongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS's
MongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS'sMongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS's
MongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS'sMongoDB
 

Similar to AtlasCamp 2014: Connect Security (20)

MongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day OneMongoDB World 2019: Securing Application Data from Day One
MongoDB World 2019: Securing Application Data from Day One
 
Spa Secure Coding Guide
Spa Secure Coding GuideSpa Secure Coding Guide
Spa Secure Coding Guide
 
Starwest 2008
Starwest 2008Starwest 2008
Starwest 2008
 
Devbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityDevbeat Conference - Developer First Security
Devbeat Conference - Developer First Security
 
Secure software development presentation
Secure software development presentationSecure software development presentation
Secure software development presentation
 
Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)
 
Identity, Security and XML Web Services
Identity, Security and XML Web ServicesIdentity, Security and XML Web Services
Identity, Security and XML Web Services
 
2018 JavaLand Deconstructing and Evolving REST Security
2018 JavaLand Deconstructing and Evolving REST Security2018 JavaLand Deconstructing and Evolving REST Security
2018 JavaLand Deconstructing and Evolving REST Security
 
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the CloudSharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
 
WSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API ArchitecturesWSO2Con EU 2016: Real-time Monitoring of API Architectures
WSO2Con EU 2016: Real-time Monitoring of API Architectures
 
Input validation errors
Input validation errorsInput validation errors
Input validation errors
 
Real-time Monitoring of API Architectures
Real-time Monitoring of API ArchitecturesReal-time Monitoring of API Architectures
Real-time Monitoring of API Architectures
 
The bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2CThe bits and pieces of Azure AD B2C
The bits and pieces of Azure AD B2C
 
Getting Started With WebAuthn
Getting Started With WebAuthnGetting Started With WebAuthn
Getting Started With WebAuthn
 
Web security and OWASP
Web security and OWASPWeb security and OWASP
Web security and OWASP
 
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
BlueHat v17 || Where, how, and why is SSL traffic on mobile getting intercept...
 
Token Authentication for Java Applications
Token Authentication for Java ApplicationsToken Authentication for Java Applications
Token Authentication for Java Applications
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security Ninja
 
Deploying your static web app to the Cloud
Deploying your static web app to the CloudDeploying your static web app to the Cloud
Deploying your static web app to the Cloud
 
MongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS's
MongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS'sMongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS's
MongoDB.local Dallas 2019: Pissing Off IT and Delivery: A Tale of 2 ODS's
 

More from Atlassian

International Women's Day 2020
International Women's Day 2020International Women's Day 2020
International Women's Day 2020Atlassian
 
10 emerging trends that will unbreak your workplace in 2020
10 emerging trends that will unbreak your workplace in 202010 emerging trends that will unbreak your workplace in 2020
10 emerging trends that will unbreak your workplace in 2020Atlassian
 
Forge App Showcase
Forge App ShowcaseForge App Showcase
Forge App ShowcaseAtlassian
 
Let's Build an Editor Macro with Forge UI
Let's Build an Editor Macro with Forge UILet's Build an Editor Macro with Forge UI
Let's Build an Editor Macro with Forge UIAtlassian
 
Meet the Forge Runtime
Meet the Forge RuntimeMeet the Forge Runtime
Meet the Forge RuntimeAtlassian
 
Forge UI: A New Way to Customize the Atlassian User Experience
Forge UI: A New Way to Customize the Atlassian User ExperienceForge UI: A New Way to Customize the Atlassian User Experience
Forge UI: A New Way to Customize the Atlassian User ExperienceAtlassian
 
Take Action with Forge Triggers
Take Action with Forge TriggersTake Action with Forge Triggers
Take Action with Forge TriggersAtlassian
 
Observability and Troubleshooting in Forge
Observability and Troubleshooting in ForgeObservability and Troubleshooting in Forge
Observability and Troubleshooting in ForgeAtlassian
 
Trusted by Default: The Forge Security & Privacy Model
Trusted by Default: The Forge Security & Privacy ModelTrusted by Default: The Forge Security & Privacy Model
Trusted by Default: The Forge Security & Privacy ModelAtlassian
 
Designing Forge UI: A Story of Designing an App UI System
Designing Forge UI: A Story of Designing an App UI SystemDesigning Forge UI: A Story of Designing an App UI System
Designing Forge UI: A Story of Designing an App UI SystemAtlassian
 
Forge: Under the Hood
Forge: Under the HoodForge: Under the Hood
Forge: Under the HoodAtlassian
 
Access to User Activities - Activity Platform APIs
Access to User Activities - Activity Platform APIsAccess to User Activities - Activity Platform APIs
Access to User Activities - Activity Platform APIsAtlassian
 
Design Your Next App with the Atlassian Vendor Sketch Plugin
Design Your Next App with the Atlassian Vendor Sketch PluginDesign Your Next App with the Atlassian Vendor Sketch Plugin
Design Your Next App with the Atlassian Vendor Sketch PluginAtlassian
 
Tear Up Your Roadmap and Get Out of the Building
Tear Up Your Roadmap and Get Out of the BuildingTear Up Your Roadmap and Get Out of the Building
Tear Up Your Roadmap and Get Out of the BuildingAtlassian
 
Nailing Measurement: a Framework for Measuring Metrics that Matter
Nailing Measurement: a Framework for Measuring Metrics that MatterNailing Measurement: a Framework for Measuring Metrics that Matter
Nailing Measurement: a Framework for Measuring Metrics that MatterAtlassian
 
Building Apps With Color Blind Users in Mind
Building Apps With Color Blind Users in MindBuilding Apps With Color Blind Users in Mind
Building Apps With Color Blind Users in MindAtlassian
 
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...Atlassian
 
Beyond Diversity: A Guide to Building Balanced Teams
Beyond Diversity: A Guide to Building Balanced TeamsBeyond Diversity: A Guide to Building Balanced Teams
Beyond Diversity: A Guide to Building Balanced TeamsAtlassian
 
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed TeamThe Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed TeamAtlassian
 
Building Apps With Enterprise in Mind
Building Apps With Enterprise in MindBuilding Apps With Enterprise in Mind
Building Apps With Enterprise in MindAtlassian
 

More from Atlassian (20)

International Women's Day 2020
International Women's Day 2020International Women's Day 2020
International Women's Day 2020
 
10 emerging trends that will unbreak your workplace in 2020
10 emerging trends that will unbreak your workplace in 202010 emerging trends that will unbreak your workplace in 2020
10 emerging trends that will unbreak your workplace in 2020
 
Forge App Showcase
Forge App ShowcaseForge App Showcase
Forge App Showcase
 
Let's Build an Editor Macro with Forge UI
Let's Build an Editor Macro with Forge UILet's Build an Editor Macro with Forge UI
Let's Build an Editor Macro with Forge UI
 
Meet the Forge Runtime
Meet the Forge RuntimeMeet the Forge Runtime
Meet the Forge Runtime
 
Forge UI: A New Way to Customize the Atlassian User Experience
Forge UI: A New Way to Customize the Atlassian User ExperienceForge UI: A New Way to Customize the Atlassian User Experience
Forge UI: A New Way to Customize the Atlassian User Experience
 
Take Action with Forge Triggers
Take Action with Forge TriggersTake Action with Forge Triggers
Take Action with Forge Triggers
 
Observability and Troubleshooting in Forge
Observability and Troubleshooting in ForgeObservability and Troubleshooting in Forge
Observability and Troubleshooting in Forge
 
Trusted by Default: The Forge Security & Privacy Model
Trusted by Default: The Forge Security & Privacy ModelTrusted by Default: The Forge Security & Privacy Model
Trusted by Default: The Forge Security & Privacy Model
 
Designing Forge UI: A Story of Designing an App UI System
Designing Forge UI: A Story of Designing an App UI SystemDesigning Forge UI: A Story of Designing an App UI System
Designing Forge UI: A Story of Designing an App UI System
 
Forge: Under the Hood
Forge: Under the HoodForge: Under the Hood
Forge: Under the Hood
 
Access to User Activities - Activity Platform APIs
Access to User Activities - Activity Platform APIsAccess to User Activities - Activity Platform APIs
Access to User Activities - Activity Platform APIs
 
Design Your Next App with the Atlassian Vendor Sketch Plugin
Design Your Next App with the Atlassian Vendor Sketch PluginDesign Your Next App with the Atlassian Vendor Sketch Plugin
Design Your Next App with the Atlassian Vendor Sketch Plugin
 
Tear Up Your Roadmap and Get Out of the Building
Tear Up Your Roadmap and Get Out of the BuildingTear Up Your Roadmap and Get Out of the Building
Tear Up Your Roadmap and Get Out of the Building
 
Nailing Measurement: a Framework for Measuring Metrics that Matter
Nailing Measurement: a Framework for Measuring Metrics that MatterNailing Measurement: a Framework for Measuring Metrics that Matter
Nailing Measurement: a Framework for Measuring Metrics that Matter
 
Building Apps With Color Blind Users in Mind
Building Apps With Color Blind Users in MindBuilding Apps With Color Blind Users in Mind
Building Apps With Color Blind Users in Mind
 
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
 
Beyond Diversity: A Guide to Building Balanced Teams
Beyond Diversity: A Guide to Building Balanced TeamsBeyond Diversity: A Guide to Building Balanced Teams
Beyond Diversity: A Guide to Building Balanced Teams
 
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed TeamThe Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
 
Building Apps With Enterprise in Mind
Building Apps With Enterprise in MindBuilding Apps With Enterprise in Mind
Building Apps With Enterprise in Mind
 

Recently uploaded

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 

Recently uploaded (20)

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

AtlasCamp 2014: Connect Security