Create a tool that allows an authorized simulated cyberattack on a Website, performed to evaluate the security of the corresponding website to find if the website is vulnerable to OWASP top 10, such as Injection, Broken Authentication, Cross-Site Scripting, and etc.

1. Currently we use OWASP ZAP for automated penetration testing which often gives false positives and irrelevant output.

2. The service would be helpful for identifying the vulnerabilities and promote our WAF solution.

Fix an automation bug which affects the creation of user identities

1. We need to check the code for ""bulk upload"" of users to check if provisioning functions are being properly called.

2. The users should be created in AD/GSuite/Salesforce when a CSV is uploaded.

We want to add a new feature of "Password Syncing" to our product.

1. Passwords cannot be synced from miniorange to database or the other way, this feature needs to be added.

Design a new UI for Bitbucket OAuth and improve the usability

1. Replicate the NEW UI framework of the JIRA OAuth Client plugin in Bitbucket OAuth to improve its usability and make sure that all our plugins should have the same UI and configuration

2. There should be an option to select fields like description, comments, assignee, reporter etc.

Identify all Internal or External Dead (Broken Links) of a Web Application

1. We have a good number of active users and requests for this product.

2. Having a cloud service will help us resolve the issues we are currently facing

Integrate a new protocol in our main product. Create SCIM Provisioning Service.

1. This service can work with wordpress, atlassian and all SCIM supported apps when miniorange is IDP.

2. This service can connect with Okta, Onelogin and various IDPs to act as provisioning broker between IDP/SP.

Add factory pattern to AD provisioning.

1. There are different types of LDAP directories e.g. Active Directory, OpenLDAP etc. The code for this should be changed to take into account these different types.

Be the first to know that your website is down! Warns you before any significant trouble and saves you money. Check your website accessibility at a particular interval and stay alert if anything goes down

1. We have this solution but it has a few issues that needs to be addressed, this also has a good number of active users and scope for conversions with quality and reliable product.

One 2FA code for all the Atlassian servers

1. One 2FA code for all the Atlassian servers even if the individual plugin is installed on JIRA Confluence, Bitbucket, and Bamboo.

Share Confluence page with an anonymous user

1. Share confluence pages with users without creating their accounts in Confluence.

2. This will reduce the overhead of increasing the user tier for Atlassian applications.

3. This shared link should be protected with the password that will be generated along with the sharable link

Integrate Git applications like Github, Gitlab, etc with JIRA Cloud

1. New Plugin for Atlassian JIRA Cloud to integrate Git tools like Github, Gitlab so that users can link their PR, Check-ins with JIRA tickets

We want to improve the way our Database changes are handled during our product's version upgrades..

1. Upgrading On-Premise offerings of our product yields inaccurate results, especially when there have been DB changes.

2. We need a new process altogether for handling DB migration to save time.

To provide the users of our products with better customisations, we want to make our product workflows more configurable for the end-user, by using web hooks.

1. We want to add better customization options for user registration on our product using web hooks.

2. This will be a key step in the process of making our own marketplace.

We want to make the product setup process much easier for the end-user, the current setup process requires a lot of pre-requisite knowledge.

1. Existing product setup process needs a complete revamp by improving the technology end of things.

2. The end-user should be able to create a new application without any existing knowledge of the configuration.

Salesforce Provisioning

1. Mostly new integration, only create users in salesforce flow is implemented currently.

2. Import, update and delete flows need to be added

Design a new UI for Bamboo OAuth and improve the usability

1. Replicate the NEW UI framework of the JIRA OAuth Client plugin in Bamboo OAuth to improve its usability and make sure that all our plugins should have the same UI and configuration

JWT SSO for JIRA and Confluence OAuth Client Plugin

1. JWT SSO Support for JIRA and Confluence whicj allows a user to login into JIRA and Confluence from another application where he is already logged in.

2. When user clicks on the link (JIRA tickets or Confluence pages), user will be redirected to Atlassian application with JWT Token, Plugin will verify the JWT Token and create user seesion on JIRA (or Confluence)

Crowd SAML SSO Connector for SonarQube

1. New plugin which will be integrated with Crowd SAML SSO and allow the user to SSO into SonarQube from IDP and manage users in Crowd Medium

Crowd SAML SSO Connector for Nexus

1. New plugin which will be integrated with Crowd SAML SSO and allow the user to SSO into SonarQube from IDP and manage users in Crowd Medium

The primary function of a WAF is to secure web applications against detected vulnerabilities, with as little effort as possible, so that they cannot be exploited by attackers.

1. A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service.

2. By inspecting HTTP traffic, it can prevent attacks exploiting a web application's known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration.

A captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources

1. Captive portals are used for a broad range of mobile and broadband services – including cable and commercially provided Wi-Fi and home hotspots.

2. A captive portal can also be used to provide access to enterprise or residential wired networks, such as apartment houses, hotel rooms, and business centers.

A reverse proxy is a server that sits in front of web servers and forwards client (e.g. web browser) requests to those web servers. This implementation helps increase security, performance, reliability, monitor and control your web traffic.

1. A reverse proxy is a server that sits in front of web servers and forwards client (e.g. web browser) requests to those web servers.

2. This implementation helps increase security, performance, reliability, monitor and control your web traffic.

SSO Connector for Crowd OAuth Plugin

1. Make the existing Crowd OAuth SSO Connector work with the Crowd OAuth Client plugin and enable OAuth/OIDC SSO for Connected Atlassian Application.

2. Here, the Crowd OAuth plugin will be connected to OAuth/OIDC Provider, and using the SSO Connector add-on use can initiate OAuth/OIDC SSO directly from the connected applications like JIRA.

New OAuth/OIDC SSO Integration for Atlassian Cloud

1. New Plugin for Atlassian Cloud using miniOrange as Broker.

2. The plugin will create an app (as an external IDP) on miniOrange for the Customer's OAuth/OIDC Provider and integrate it with Atlassian Access.

3. Everything will be done through the API call. Here, the Atlassian cloud will be connected to miniOrange via SAML and miniOrange will be connected with the customer's OAuth/OIDC Provider using OAuth/OIDC SSO.

Exporter plugin for Atlassian Cloud [JIRA and Confluence]

1. Export JIRA Tickets, Confluence Pages in PDF, docs, Docx etc and some other for file format.

2. There should be an option to select fields like description, comments, assignee, reporter etc.

We want to improve the reporting of errors in our product, the exact issue should be conveyed in simple language to the account user.

1. Not all errors encountered by the product are communicated clearly and timely to the end-user. This needs to be fixed.

2. There should be custom messages designed to be shown on the UI which convey the reason of the error.

Create user import report

1. Need to add new reports which include user import details, user updation/deletion details.

We want to show details of where user information was imported from, inside a pre-existing user details table.

1. A new column should be added to endUsers table which will store the data from where the user was imported.During import, while creation of users, the identifier of AD/DB/Gsuite should be logged and this should be visible in the end users table.

Make our "User Provisioning" feature more intuitive and easy to configure by providing extra details where required.

1. Currently, the provisioning feature works according to a ""default"" user store, which needs to be more customizable.

2. There needs to be a list of configred user stores to choose from.

We want to improve our browser extension, add another feature of "SP initiated SSO", remove repetitive code, and improve the setup process.

1. We have repititive code as well as a missing feature in the existing browser extension.

2. We want to improve on both these things, along with the setup process which is currently very complex.

The scope would be to replicate a basic module and replicate the success created on existing platforms like Wordpress and Shopify.

1. Integrate our world class OTP Verification Services for platforms like OpenCart, Wix, BigCommerce and others.

2. Take this opportunity to learn how to build modules / plugins and work on serverless applications architecture.

3. Get to work on different language frameworks like Node.js, PHP, Javascript, HTML and CSS.

Advanced Troubleshooting for Bitbucket and Bamboo SAML SSO Plugin "Allow admin to easily troubleshoot the SSO Error and record and show SSO logs. The SSO audit logs should be visible in the plugin page along with the detailed descriptions.

1. SSO Login Status (SUCCESS/FAILED)

2. If FAILED --> Reason along with the resolution

3. IP Address of the SSO User

4. Operations performed by the plugin suring SSO (create user, Update Profile, Update Groups)

Advanced Troubleshooting for Jira and Confluence SAML SSO Plugin "Allow admin to easily troubleshoot the SSO Error and record and show SSO logs. The SSO audit logs should be visible in the plugin page along with the detailed descriptions.

1. SSO Login Status (SUCCESS/FAILED)

2. If FAILED --> Reason along with the resolution

3. IP Address of the SSO User

4. Operations performed by the plugin suring SSO (create user, Update Profile, Update Groups)

We want to enable a quick prompt which confirms that the user wants to proceed with the selected action.

1. The option does not work as intended currently, users are created in the app before accepting or denying the prompt.

We want to show appropriate links to setup guides at the right places inside the product.

1. In the provisioning section, when the admin selects an app, he/she should be able to see a link to the appropriate guide for the setup instructions in the UI.

Option to select users in import users feature.

1. Add an option to selectively import users in the import users feature of our IDP Product.

Improve the setup process of the "Database Provisioning" feature of our product.

1. The current setup is complex and requires technical knowledge. This needs to be made easier.

This will be an online tool which should be able to decode/encode, encrypt/decrypt XML documents and generate x509 certificates, Signed / Unsigned SAML Requests Response examples.

1. This tool will set a mile in debugging SAML-related issues and commonplace for all kinds of SAML connectors.

2. This will help in increasing the reach of miniorange SAML implementation to the customers.

Crowd SAML SSO Connector for JFrog Artifactory

1. New plugin which will be integrated with Crowd SAML SSO and allow the user to SSO into SonarQube from IDP and manage users in Crowd

Enforce 2FA for Git operations for Bitbucket Datacenter

1. Enforce 2FA while making the git operation from any git client or command prompt

Advanced Audit Logs for Atlassian 2FA Plugin.
Advance Audit for all the 2FA operations performed by the plugin. This includes

1. 2FA plugin admin configuration changes

2. User's 2FA login status (failed/success) with reason

3. end user's IP Address