BugBase Documentation
  • 👋Welcome to BugBase Docs
  • Overview
    • 💡What we do
    • ⚡Changelogs
    • ✨Our Features
    • 📂Programs at BugBase
      • Vulnerability Disclosure Program (VDP)
      • Bug Bounty Program
      • Private Bounty Program
      • Pentest Program (VAPT)
  • Report Lifecycle
    • Bug Report
    • Report Status
  • How To
    • 👨‍💻Invite Organization Members to BugBase (RBAC)
    • 🚩Setup a Campaign for better program engagement
    • 🐛Submit a Bug Report on BugBase
    • 📑Create a Bug Bounty Program on BugBase
    • ⬇️Download the mobile app
  • Company Guide
    • 👨‍💼Create a Company Account
    • 🧭Navigation
    • 🛡️Assets Dashboard
    • 🗝️Credential Vaults
      • Creating a Credential Vault
      • Adding Credentials to Vault
      • Connect Credential Vault to an Asset
      • Require Whitelisting for a Credential
    • 🔐VPN Servers
      • Create, Configure and Deploy VPN server
      • Monitor Live Statistics and Logs
    • 🗂️Programs Dashboard
      • ⛳Create a Program
    • 📢Customer Support
    • 💵Bounty Bin
    • ⚙️Company Settings
      • 👨‍🏫Profile
      • 🏢Organisation
      • 👨‍🏭Roles and Permissions
      • 🔐Security & Authentication
        • Multi-Factor Authentication
        • SSO with SAML
          • Okta SSO setup via SAML
          • Google SSO setup via SAML
      • 🎨Customization
        • Automations
        • Report Tags
      • 📙Manage Access
    • 📈Insights Dashboard
    • 🔊Campaigns
    • 💲Understanding Currencies Used in BugBase
    • 🤝Whitelist
  • Program guide
    • Bug Bounty Dashboard
      • Program Reports Section
        • Report Components
        • Report Actions
        • Duplicating Reports
        • Assigning Swags
        • Assigning Bounties
        • Assigning Thanks to Reporters
        • Assigning Bonus Bounty
        • Automatic Response Generator using ChatGPT
      • Program Policy
        • Editing Program Policy
          • Best Practices For Designing Policy
          • Best Practices For Bounty Tables
      • Payouts
      • Settings
    • Private Bug Bounty Dashboard
      • Invite Hackers
      • Manage Credentials
    • VDP Dashboard
    • Pentest Dashboard
      • Pentest Overview
      • Vulnerabilities Section
        • Pentest Report Components
        • Pentest Report Actions
      • Global Pentest Chat
    • Competition Dashboard
      • Dashboard
      • Creating a Competition
        • Adding Challenges
      • Manage Competitions
        • Statistics
        • Leaderboard
        • Manage Users
  • Bounty Hunter Guide
    • Bounty Hunter Dashboard
    • Bounty Hunter Profile
    • Programs Directory
      • Program Policy Page
      • Credentials
      • VPN Access
      • Whitelist
      • Collaborate
    • Bounty Hunter Reports Section
      • Submitting Reports
      • Interaction with Program Representees
      • Collaboration
      • Response Generation through ChatGPT on Report Chat
    • Competitions
    • Discord Community
    • Leaderboard
    • Multi-Factor Authentication
    • Settings
      • Verify KYC
    • Email Alias
    • 🚀Apollo Community
  • Integrations
    • 🔗Supported Integrations
    • Webhooks
    • JIRA
      • Creating a JIRA Issue
    • Slack
      • Managing Integration
    • Microsoft Teams
    • Github
    • Asana
    • Sumo Logic
    • PagerDuty
  • on-premise
    • Running Automated Testing
    • Sandbox Environment
Powered by GitBook
On this page
  • Adding a comment
  • Change Report Status
  • Update Report Title
  • Modify Report Severity
  • Assign a Report
  • Assign Rewards
  • Report Users
  • Export Report as PDF
  • Connect to integrations:

Was this helpful?

  1. Program guide
  2. Bug Bounty Dashboard
  3. Program Reports Section

Report Actions

PreviousReport ComponentsNextDuplicating Reports

Last updated 5 months ago

Was this helpful?

The Reports section in Bugbase provides program managers with a centralized location to view and manage all reports submitted to the program. This feature allows program managers to take several actions on a report in order to efficiently manage them. You can:

  • Add a comment

  • Change report status

  • Change report title

  • Change priority

  • Assign a report

  • Report users

  • Export report as PDF

  • Connect to integrations

Adding a comment

Program managers can add a comment to a report to provide feedback to the hacker who submitted the report or to discuss the report with other team members. Comments can be added to the report at any time and can be used to ask for more information, provide guidance, or express appreciation.

BugBase also allows program managers to use quick actions to reply to reports with per-defined responses for specific cases. This feature allows program managers to respond to reports quickly and efficiently, without the need to type out a response each time. You can even create your own custom quick actions for specific requirements.

Examples of quick actions include:

  • Request for completing KYC: This quick action can be used to let the hacker know that they need to complete their KYC to receive bounty payouts.

  • Request for Shipping Address: This quick action can be used to request the hacker's shipping address when a physical reward is being sent.

  • Report under review: This quick action can be used to inform the hacker that their report is under review by the program management team.

Adding custom quick actions:

  1. Click the + icon at the right side of the quick actions section.

  1. Enter Title and Message for your custom action and click on Save.

  2. You can Edit/Delete your custom actions as well from the quick actions dropdown.

This feature saves time and effort for program managers, allowing them to respond to reports quickly and efficiently, while providing clear and consistent communication to hackers.

Change Report Status

Program managers can change the state of a report to reflect its current status, such as "triaged", "resolved", "duplicate", "informational", "invalid", "spam", etc. This allows program managers to easily identify and prioritise reports based on their status.

To change report status:

  1. Go to the top of the report page.

  2. Click on the "Change Report Status" button.

  3. Click on your desired status to change the status of the report.

Update Report Title

Program administrators have the ability to update the title of a report if they find it necessary to better reflect the content or purpose of the report. This ensures clarity and improves communication among team members. To change the report title, click on the "Edit" button next to the report title, make the necessary changes, and save your updates.

Modify Report Severity

In addition to changing the status of a report, program managers can also change the priority of a report if they disagree with the priority set by the hacker. This feature allows program managers to quickly and easily adjust the priority level of a report to reflect its importance and urgency. Reports can be set to Critical, High, Medium, Low, Informational based on the severity of the vulnerability reported. This allows program managers to quickly identify and address critical vulnerabilities.

To change the severity of a report

  1. Go to the top of the report page.

  2. Click on the "Modify Report Severity" button.

  3. Select the desired severity level from the options provided.

Assign a Report

Program managers can assign a report to a specific team member for further triage and investigation. This allows program managers to delegate responsibility for investigating and addressing vulnerabilities to specific team members.

To assign a report

  1. Go to the bottom of the report page and on the "Assignee" section.

  2. Program manager can then select the team member from a list of program members to whom they wish to assign the report.

  3. The assigned team member will then be responsible for evaluating the report and taking appropriate action on it.

Assign Rewards

Program managers can assign rewards to the hacker who submitted the report as a token of appreciation or reward for their contribution.

To set an reward

  1. Go to the top of the report page and click on the "Assign Reward" button.

  2. Enter the details of the reward, such as the type of reward and the amount.

Report Users

Program managers can report users who violate the program's terms of service or abuse the platform. This allows program managers to take appropriate action against individuals who misuse the platform.

To report a user

  1. Go to the top of the report page and click on the "Report User" button.

  2. Provide a reason for the report, such as "violation of terms of service" or "abuse of platform".

  3. This report will be reviewed by the platform team, and appropriate action will be taken.

Export Report as PDF

Another feature provided by the Reports section in BugBase is the ability to export a report as a PDF. This allows program managers to easily save a copy of a report for offline viewing or for sharing with others.

To export a report as a PDF,

  1. Go to the top of the report page and click on the "Export Report as PDF" button.

This feature allows program managers to easily save a copy of a report for offline viewing or for sharing with others, such as stakeholders, team members, and other members of the organization. This feature makes it easy to share the report with others and to have a permanent record of the report.

Connect to integrations:

Program managers can connect to integrations like Jira, Asana, Github and more. This allows program managers to integrate their bug bounty program with their existing workflows and processes, for example, by automatically creating tasks in project management tools for vulnerabilities that need to be fixed.

To learn more about report status view

report status page