18
Customers have installed this app in at least 18 active instances.
18
Customers have installed this app in at least 18 active instances.
    by MergeBasefor Bitbucket Server 5.8.0 - 7.3.0 and Bitbucket Data Center 5.8.0 - 7.3.0
    Supported
    MergeBase supports this app.

    Get support

    Supported
    MergeBase supports this app.

    Get support

    Secure your enterprise against vulnerable open source libraries with every Bitbucket push

    Secure your enterprise against vulnerable open source libraries with every Bitbucket push

    Secure your enterprise against vulnerable open source libraries with every Bitbucket push

    Eradicate the biggest source of data breaches

    Enterprise class SDLC controls at your fingertips

    "Shift Left": Starting at the source is key

    Vulnerabilities in application libraries are responsible for a quarter of all data breaches. Equifax lost $5 Billion in value as a result of a breach. MergeBase identifies these vulnerabilities better than any other.

    Prevent developers from bringing vulnerabilities into your projects.

    Mix and match friendly approaches to nudge developers in the right direction with strict enforcement of policies and procedures where needed.

    Research has shown time and time again that the earlier in the software development lifecycle you can identify and fix a problem , the lower the cost to do so and the lower the negative impact on the organization.

    Eradicate the biggest source of data breaches

    Enterprise class SDLC controls at your fingertips

    "Shift Left": Starting at the source is key

    Vulnerabilities in application libraries are responsible for a quarter of all data breaches. Equifax lost $5 Billion in value as a result of a breach. MergeBase identifies these vulnerabilities better than any other.

    Prevent developers from bringing vulnerabilities into your projects.

    Mix and match friendly approaches to nudge developers in the right direction with strict enforcement of policies and procedures where needed.

    Research has shown time and time again that the earlier in the software development lifecycle you can identify and fix a problem , the lower the cost to do so and the lower the negative impact on the organization.

    More details

    With every push MergeBase CodeGreen analyses the code developers want to add to your repositories for known-vulnerabilities and triggers warnings, rejections, and mandatory code reviews. You can configure these to extend full enterprise control over these potentially catastrophic risks to your organization.

    CodeGreen's controls and reports are integrated directly into Bitbucket's push and merge hooks. Developers will start receiving valuable vulnerability reports on their next "git push" or "pull-request merge" immediately after Code Green is installed - they do not need to remember to click on special scanning or reporting pages. It's all integrated and seamless.

    The current version supports Ruby (Gemfile.lock), Java (pom.xml), and JavaScript (package-lock.json and yarn.lock).

    More details

    With every push MergeBase CodeGreen analyses the code developers want to add to your repositories for known-vulnerabilities and triggers warnings, rejections, and mandatory code reviews. You can configure these to extend full enterprise control over these potentially catastrophic risks to your organization.

    CodeGreen's controls and reports are integrated directly into Bitbucket's push and merge hooks. Developers will start receiving valuable vulnerability reports on their next "git push" or "pull-request merge" immediately after Code Green is installed - they do not need to remember to click on special scanning or reporting pages. It's all integrated and seamless.

    The current version supports Ruby (Gemfile.lock), Java (pom.xml), and JavaScript (package-lock.json and yarn.lock).

    Reviews for cloud

    (2)Sign in to write a review

    There are no reviews yet. Be the first to review this app.

    Reviews for server

    (2)
    Sign in to write a review
    by Scott MacKenzie on 2020-05-22
    Much faster and more accurate than the OWASP maven scanner we were using. Being able to detect at commit time garentees the problem will be dealt with up front.
    Was this review helpful?YesNo

    Reviews for Data Center

    (2)Sign in to write a review

    There are no reviews yet. Be the first to review this app.

    Cloud Pricing

    Server Pricing

    Data Center Pricing

    10 users$35025 users$72550 users$1,300100 users$2,375250 users$4,750500 & upAdditional pricing details
    25 users$725/year50 users$1,300/year100 users$2,375/year250 users$4,750/year500 users$6,325/year1000 & upAdditional pricing details

    Pricing FAQ

    How does server app pricing work?

    Server products and apps are hosted on your servers. This app is sold as a perpetual license, and the purchase price includes 12 months of maintenance (support and version updates).

    You can renew maintenance after 12 months at 50% of the current purchase price. You can upgrade the tier of your Atlassian product and app licenses at any time. Upgrade prices are calculated based on Atlassian's formula (view example).

    If app pricing changes after your initial purchase, there's a 60-day grandfathering period during which you can renew based on the old pricing.

    How do I determine my server pricing?

    Apps are billed based on the number of users in your Atlassian product. The app tier should match the licensed user tier of the Atlassian product. For example, if you have a Confluence license for 500 users, you should purchase the 500-user tier for apps. Even if fewer users want to use the app than your Atlassian product license, the two licenses should match exactly.

    Can I install this app in a Data Center product?

    Yes, this app has a Data Center approved version. If you're using a Data Center product, you should install the Data Center version of the app.

    Learn more about Data Center approved apps

    What type of license do I need if I'm using this app in a Data Center product?

    Because this app has a Data Center approved version, you should purchase a Data Center license for the app.

    If you already own a server license for this app, you can continue using the server license in your Data Center product for a limited period of time.

    Learn more about Data Center licensing

    Do you offer academic, community, or open-source licenses for server apps?

    For server apps, academic licenses are available at a 50% discount if you have an academic license for your Atlassian product.

    Community and open-source licenses are available for server apps. Learn more about community and open source licenses.

    Can I extend my free trial?

    For server apps, you can extend your app trial up to 5 times - in other words, for up to six months. Extend your trial by generating a new evaluation license key from Atlassian Marketplace. Click Try it free and you'll be directed to generate a new license. Paste this license key into the app listing in UPM from your Atlassian product, and you're all set.

    How can I buy apps for my legacy Jira Server or Confluence Server license?

    If you own a legacy Jira Server Unlimited (100+ users) or Confluence Server Unlimited (2000+ users) license purchased in 2012 or earlier, legacy app pricing is no longer available. You have two options for app purchasing:

    • Purchase the app at the non-legacy Unlimited (10000+ users) tier.
    • Renew your Jira or Confluence license at a non-legacy tier, then purchase the app at the same tier.

    Learn more

    Pricing FAQ

    How does Data Center app pricing work?

    Data Center apps are sold as an annual subscription. You are eligible for support and version updates as long as your subscription is active.

    If app pricing changes after your initial purchase, there's a 60-day grandfathering period during which you can renew based on the old pricing.

    How do I determine my Data Center pricing?

    Apps are billed based on the number of users in your Atlassian product. The app tier should match the licensed user tier of the Atlassian product. For example, if you have a Confluence license for 500 users, you should purchase the 500-user tier for apps. Even if fewer users want to use the app than your Atlassian product license, the two licenses should match exactly.

    Can I install this app in a Data Center product?

    Yes, this app has a Data Center approved version. If you're using a Data Center product, you should install the Data Center version of the app.

    Learn more about Data Center approved apps

    What type of license do I need if I'm using this app in a Data Center product?

    Because this app has a Data Center approved version, you should purchase a Data Center license for the app.

    If you already own a server license for this app, you can continue using the server license in your Data Center product for a limited period of time.

    Learn more about Data Center licensing

    Do you offer academic, community, or open-source licenses for Data Center apps?

    For Data Center apps, academic licenses are available at a 50% discount if you have an academic license for your Atlassian product.

    Community and open-source licenses are not available for Data Center apps. Learn more about community and open source licenses.

    Can I extend my free trial?

    For Data Center apps, you can extend your app trial up to 5 times - in other words, for up to six months. Extend your trial by generating a new evaluation license key from Atlassian Marketplace. Click Try it free and you'll be directed to generate a new license. Paste this license key into the app listing in UPM from your Atlassian product, and you're all set.

    MergeBase provides support for this app.

    MergeBase provides support for this app.

    Vendor support resources

    Documentation

    Find out how this app works.

    See existing Q&A in Atlassian CommunityAsk a question in the Atlassian Community

    Atlassian-hosted discussions connect you to other customers who use this app.

    Vendor support resources

    Documentation

    Find out how this app works.

    See existing Q&A in Atlassian CommunityAsk a question in the Atlassian Community

    Atlassian-hosted discussions connect you to other customers who use this app.

    Versions

    Version 2020.05.11 Bitbucket Server 5.8.0 - 7.3.0 Released 2020-05-11

    Summary

    Fixed bug (NPE) on push

    Details

    Fixed a bug (NullPointerException) that was happening under certain situations during git push.

    Versions

    Version 2020.05.11 Bitbucket Data Center 5.8.0 - 7.3.0 Released 2020-05-11

    Summary

    Fixed bug (NPE) on push

    Details

    Fixed a bug (NullPointerException) that was happening under certain situations during git push.

    Installation

    1. Log into your Bitbucket instance as an admin.
    2. Click the admin dropdown and choose Atlassian Marketplace. The Manage add-ons screen loads.
    3. Click Find new apps or Find new add-ons from the left-hand side of the page.
    4. Locate MergeBase CodeGreen - SCA & CVE Defense via search. The appropriate app version appears in the search results.
    5. Click Try free to begin a new trial or Buy now to purchase a license for MergeBase CodeGreen - SCA & CVE Defense. You're prompted to log into MyAtlassian. MergeBase CodeGreen - SCA & CVE Defense begins to download.
    6. Enter your information and click Generate license when redirected to MyAtlassian.
    7. Click Apply license. If you're using an older version of UPM, you can copy and paste the license into your Bitbucket instance.

    To find older MergeBase CodeGreen - SCA & CVE Defense versions compatible with your instance, you can look through our version history page.

    1. Log into your Bitbucket instance as an admin.
    2. Click the admin dropdown and choose Atlassian Marketplace. The Manage add-ons screen loads.
    3. Click Find new apps or Find new add-ons from the left-hand side of the page.
    4. Locate MergeBase CodeGreen - SCA & CVE Defense via search. The appropriate app version appears in the search results.
    5. Click Try free to begin a new trial or Buy now to purchase a license for MergeBase CodeGreen - SCA & CVE Defense. You're prompted to log into MyAtlassian. MergeBase CodeGreen - SCA & CVE Defense begins to download.
    6. Enter your information and click Generate license when redirected to MyAtlassian.
    7. Click Apply license. If you're using an older version of UPM, you can copy and paste the license into your Bitbucket instance.

    To find older MergeBase CodeGreen - SCA & CVE Defense versions compatible with your instance, you can look through our version history page.

    Similar apps