Hacker News new | past | comments | ask | show | jobs | submit login

The most surprising part of this is that Cloudflare uses BitBucket.



How so? It integrates well with the other Atlassian products they use.


Integrates with Jira and the rest of Atlassian's stuff, and it's just another git server at the end of the day.


Maybe but maybe not. I don't like Bitbucket but there are a number of large companies where they worry about using services owned by competitors in one of their verticals.


Bitbucket doesn't have to be a service. It can be an old-fashioned downloaded software that you install on your own machines. Not everything is SaaS.


Not sure what you mean? If you are alluding to the OP that said it was surprising...I don't think he found it suprising they they use Bitbucket over Mercurial. I think its safe to assume he meant bitbucket over a Github.

In the git universe there is a pretty short list of services, locally or hosted that you would probably use as an entity as large as cloud flare.


Wonder how powerful is Scriptrunner for Jira. They got the security certifications but I cant tell how sandboxed it is.


As well as can be expected in a company that gives Smartsheet access to Jira with an Admin Service Account.

https://github.com/BishopFox/sliver

"Since the Smartsheet service account had administrative access to Atlassian Jira, the threat actor was able to install the Sliver Adversary Emulation Framework, which is a widely used tool and framework that red teams and attackers use to enable “C2” (command and control), connectivity gaining persistent and stealthy access to a computer on which it is installed. Sliver was installed using the ScriptRunner for Jira plugin."

https://blog.cloudflare.com/thanksgiving-2023-security-incid...


A lot of very big companies use Bitbucket, it's just a lot more cost effective than Gitlab/Github.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: