All about Bugcrowd Findings

If you use the Bugcrowd toolkit for web application testing, you can manage Bugcrowd Scanner findings within your WAS account. Our Bugcrowd Suite integration gives you a way to store the findings discovered by the Bugcrowd Suite scanner with those discovered by WAS and share this information with multiple users.

How to get started

Import Bugcrowd CSV file. Simply, go to Detections > Bugcrowd > Import (1).

Choose a Bugcrowd file in CSV format from your local file system (2) and select the web application that the Bugcrowd file applies to (3). The CSV file containing detections should not exceed 20MB  for only one web application.

We recommend the Purge option (4) to avoid duplicate findings when importing from multiple Bugcrowd instances and then simply click Import (5). Learn more

The preview pane appears under the file list when you click anywhere in a report row.

The issues imported with your Bugcrowd file are displayed in the issues list. Go to Detections > Detections List.

The Detection List displays security findings discovered by our cloud security service, Burp findings and Bugcrowd findings that you import. In the Filter Results select Bugcrowd Finding Type and the list will display only Bugcrowd issues. You can view issues in detail - including detection dates, status and severity.

You’ll see a Bugcrowd severity assigned to each issue - High, Medium, Low or Info. A False Positive is assigned the Low severity.

Looking for something more  

How do I view issue details?

How do I ignore a Bugcrowd issue?

What does the issue Activate action do?

I don't see Bugcrowd options. Why?