Recent Update to Insights dashboard
Over the years, we have built out offerings and features of our bug bounty services by partnering with customers, like you, on how to improve. We have recently made significant improvements to assist with customization when it comes to searching submissions, reporting, and deep diving into actionable data in the Insights dashboard.
It is important to have a high-level view of your program’s performance and vulnerability trends; however, a detailed-level view of your program is vital for knowing the ins and outs of how to enhance your overall program performance. In return, Crowdcontrol gives program owners an in-depth view of program performance, team response time, bounty spend, and exportable results for custom reporting. To make it even easier and faster, we recently launched our Intuitive Submission Search feature to allow you to customize and reduce wasted time on locating a particular submission.
New Feature: Intuitive Submission Search
In a traditional security assessment, clients receive a handful of vulnerability submissions in a report. In bug bounties, you can receive hundreds, if not thousands of hacker submissions over the course of a long-standing program. To aid in the security workflow of triaging these reports, Bugcrowd has launched a fully Intuitive Submission Search capability. This search tool is all-encompassing, allowing the program owner to filter and sort submissions by even the most minute detail. As well as full-text searching, Intuitive Submission Search lets you filter and order by categories like VRT Category, Submission Date, researcher, target, assignee, etc. Using Intuitive Submission Search in conjunction with Insights and Reports can enable a program owner to fully command the bounty/VDP program, aggregating the most valuable security information to the security team and client organization.
This update builds on many of our Crowdcontrol updates, such as the enhancement of the vulnerability submission form, enabling us to track bounty trends by specific targets, technical severity, and vulnerability types. The integration of our Vulnerability Rating Taxonomy provides rich information about the types of security flaws. These underlying enhancements make it simple to sort and filter results, delivering the most powerful reporting for bug bounty programs.
This report allows you to track your activity over time to see trends in submission volume, and severity. It further breaks down submissions by vulnerability type and target, allowing you to see where and how flaws are surfacing in your program.
Program performance gives an overview of how quickly submissions are moving through your processes. The breakdown by severity is key for organizations with SLAs around high-severity vulnerabilities.
Bounty Spending allows you to see where bounties are being rewarded by target, and provides high-level metrics about your rewards.
Specify a more granular view of the report by using extensive filtering functionality provided on the Insights dashboard on-demand and export a PDF or CSV file of the selected data – allowing for reports in Excel or your tool of choice.
For further detail on Insights, visit our Crowdcontrol documentation. If you have any thoughts, ideas, or questions, we’d love to hear from you at firstname.lastname@example.org or @Bugcrowd.