Report Management

Report Actions

Hackers can submit vulnerabilities to your program through submitting reports option. You can manage all incoming reports through your Inbox by taking the flowing actions:

Add Comments

You can add comments on the reports to communicate with hackers or team members and/ or make specific notes regarding submitted reports.

To add a comment: 1) Go to the bottom of the report above the comment box. 2) Make sure the action picker is set to Add comment. 3) Click the Add Comment button

Change the state of report as Triaged

You can change the state of a report as Triaged. That’s mean the report has passed the initial validation and is pending resolution. When you select triage, you can enter the reference ID to your integration in the Reference ID field.

To change the state of a report: 1) Go to the bottom of the report. 2) Change the action picker to Triaged from the drop-down. 3) Add a new reference ID for the report. 4) Click Change Report State button.

Request more details

You can request more details if you needs more information from the hacker before proceeding. For that you can send back report to the hacker by applying this action to the report.

To request more details: 1) Go to the bottom of the report above the comment box. 2) Select Need More Details in the action picker. 3) Click Request More Details button.

Close a Report

You can close a report to mark that it’s either:

State

Details

Fixed

The report is valid and acceptable.

No Problem

The reported vulnerability doesn’t needed an immediate action or a fix.

Duplicate

This issue has already been reported. Programs can build trust by attributing the issue to its original discoverer and linking it to a previous report or including other details about its discovery.

Irrelevant

The report doesn’t contain a valid issue and details regarding the vulnerability.

Spam

The report is invalid because the hacker didn’t describe a legitimate security vulnerability.

To close a report: 1) Go to the bottom of the report above the comment box. 2) Select Close report in the action picker. 3) Choose the status of the report which reasoned to the close report. 4) Click Close report button.

Grant Rewards

After a report is closed you can grant rewards to the hacker: 1) Go to the bottom of the report above the comment box. 2) Select Grant Rewards in the action picker. 3) Select the reward type:

Bounty - You can enter amount of the bounty
Swag - You can select to reward the swag

PreviousGroup Management NextDisclosure

Last updated 2 years ago