For security teams, finding and remediating vulnerabilities is part of a broader workflow that extends across the DevOps life cycle. For that reason, an end-to-end integration library that includes pre-built connectors, webhooks, and a rich, easy to use API is an important feature in the Bugcrowd Platform.
In 2020, we released Bugcrowd API v4 to help customers more easily prioritize, track, and remediate vulnerabilities by building their own integrations with existing internal processes. API v4 contains many features that make it even more useful than before (and harder to justify staying on v3), including:
Bugcrowd API in Action
One Bugcrowd customer uses the Bugcrowd API in a clever way: When a researcher submits a vulnerability against any of their targets, their system receives a programmatic notification of the submission being created. The system then collects metadata relating to the target in question from its various sources, and posts that data back to the submission as a comment for relevant stakeholders. As a result, everyone has access to all the context and information they need about a vulnerability submission and its status.
Why Wait?
For migrating to API v4, use the instructions here. (Note: API v3 will be on maintenance, with no further enhancements, going forward.) We’re here for you if you need help; if it seems like there is something you used to do in v3 that is no longer possible in v4, please contact us via support@bugcrowd.com right away.