BugCrowd
Overview
Section titled “Overview”Integrate your Risk Register with BugCrowd. This integration imports bug bounty submissions as risk records, allowing you to manage vulnerabilities discovered through your BugCrowd program.
- Source: Bug Bounty
- Type: Control Deficiency
- Opened By: “BugCrowd Integration”
The integration can be enabled directly from your Adversarial tenant via Settings > Integrations. The necessary detail to connect your BugCrowd environment is the API Token.
Status Mapping
Section titled “Status Mapping”BugCrowd submission states are mapped to Adversarial risk statuses:
| BugCrowd State | Adversarial Status |
|---|---|
New | New |
Triaged | New |
Unresolved | New |
Resolved | Closed |
Informational | Closed |
Out of Scope | Closed |
Not Reproducible | Closed |
Not Applicable | Closed |
Severity Mapping
Section titled “Severity Mapping”BugCrowd priority maps to Adversarial Initially Reported Urgency (IRU):
| BugCrowd Priority | Adversarial IRU |
|---|---|
| P1 (Critical) | Critical |
| P2 (Severe) | High |
| P3 (Moderate) | Medium |
| P4 (Low) | Low |
| P5 (Informational) | Info |
Fields
Section titled “Fields”| BugCrowd Field | Adversarial Field | Notes |
|---|---|---|
title | Title | |
description | Description | Prefixed with a link to the BugCrowd submission |
submitted_at | Discovered Date | |
last_transitioned_to_resolved_at | Closed Date | |
severity | IRU | Via priority mapping above |
remediation_advice | Remediation Task | |
| (static) | Source | Always “Bug Bounty” |
| (static) | Type | Always “Control Deficiency” |