Report Actions
Last updated
Last updated
The Reports section in Bugbase provides program managers with a centralized location to view and manage all reports submitted to the program. This feature allows program managers to take several actions on a report in order to efficiently manage them. You can:
Add a comment
Change report status
Change report title
Change priority
Assign a report
Report users
Export report as PDF
Connect to integrations
Program managers can add a comment to a report to provide feedback to the hacker who submitted the report or to discuss the report with other team members. Comments can be added to the report at any time and can be used to ask for more information, provide guidance, or express appreciation.
BugBase also allows program managers to use quick actions to reply to reports with per-defined responses for specific cases. This feature allows program managers to respond to reports quickly and efficiently, without the need to type out a response each time. You can even create your own custom quick actions for specific requirements.
Examples of quick actions include:
Request for completing KYC
: This quick action can be used to let the hacker know that they need to complete their KYC to receive bounty payouts.
Request for Shipping Address
: This quick action can be used to request the hacker's shipping address when a physical reward is being sent.
Report under review
: This quick action can be used to inform the hacker that their report is under review by the program management team.
Adding custom quick actions:
Click the +
icon at the right side of the quick actions section.
Enter Title
and Message
for your custom action and click on Save
.
You can Edit
/Delete
your custom actions as well from the quick actions dropdown.
This feature saves time and effort for program managers, allowing them to respond to reports quickly and efficiently, while providing clear and consistent communication to hackers.
Program managers can change the state of a report to reflect its current status, such as "triaged", "resolved", "duplicate", "informational", "invalid", "spam", etc. This allows program managers to easily identify and prioritise reports based on their status.
Go to the top of the report page.
Click on the "Change Report Status" button.
Click on your desired status to change the status of the report.
To learn more about report status view report status page
Program administrators have the ability to update the title of a report if they find it necessary to better reflect the content or purpose of the report. This ensures clarity and improves communication among team members. To change the report title, click on the "Edit" button next to the report title, make the necessary changes, and save your updates.
In addition to changing the status of a report, program managers can also change the priority of a report if they disagree with the priority set by the hacker. This feature allows program managers to quickly and easily adjust the priority level of a report to reflect its importance and urgency. Reports can be set to Critical, High, Medium, Low, Informational based on the severity of the vulnerability reported. This allows program managers to quickly identify and address critical vulnerabilities.
Go to the top of the report page.
Click on the "Modify Report Severity" button.
Select the desired severity level from the options provided.
Program managers can assign a report to a specific team member for further triage and investigation. This allows program managers to delegate responsibility for investigating and addressing vulnerabilities to specific team members.
Go to the bottom of the report page and on the "Assignee" section.
Program manager can then select the team member from a list of program members to whom they wish to assign the report.
The assigned team member will then be responsible for evaluating the report and taking appropriate action on it.
Program managers can assign rewards to the hacker who submitted the report as a token of appreciation or reward for their contribution.
Go to the top of the report page and click on the "Assign Reward" button.
Enter the details of the reward, such as the type of reward and the amount.
Program managers can report users who violate the program's terms of service or abuse the platform. This allows program managers to take appropriate action against individuals who misuse the platform.
Go to the top of the report page and click on the "Report User" button.
Provide a reason for the report, such as "violation of terms of service" or "abuse of platform".
This report will be reviewed by the platform team, and appropriate action will be taken.
Another feature provided by the Reports section in BugBase is the ability to export a report as a PDF. This allows program managers to easily save a copy of a report for offline viewing or for sharing with others.
Go to the top of the report page and click on the "Export Report as PDF" button.
This feature allows program managers to easily save a copy of a report for offline viewing or for sharing with others, such as stakeholders, team members, and other members of the organization. This feature makes it easy to share the report with others and to have a permanent record of the report.
Program managers can connect to integrations like Jira, Asana, Github and more. This allows program managers to integrate their bug bounty program with their existing workflows and processes, for example, by automatically creating tasks in project management tools for vulnerabilities that need to be fixed.