BugBase Docs


BugBase pushes out features continuously, here's all the updates in the platforms at one place.
Find out what's changed or is new on BugBase

January 2023

1. New Hacker Email Alias

Hackers can now use a unique email alias to receive notifications from BugBase.
This alias can be used to create testing accounts and may be necessary for certain testing purposes.
This alias is automatically assigned in the form of [username]@teambugbase.com.

2. Reporting Lifecycle Change

We have made some changes to the reporting lifecycle.
Now all reports will be in one of the following states:
Open State
  • Draft [Awaiting Submission - Editable State]
  • New [Report Submitted]
  • Triaged [Report Assigned to a Program Representative]
Closed State
  • Resolved [Report Resolved by the Program]
  • Duplicate [Report Marked as Duplicate]
  • Invalid [Report Marked as Invalid]
  • Informational [Report Marked as Informational]

3. New Hacktivity Reputation Table

Researchers can now track all their reputation history in the Hacktivity Reputation Table located in their profile page.
This can be found in the profile page of a security researchers https://bugbase.in/profile/[username].

4. Integration with SumoLogic

Now Enterprise Customers can log events from BugBase onto their SumoLogic Collectors seamlessly with one click!

December 2022

1. Fresh Look for your Hacker Profile!

We have revamped the hacker profile page with a clean and modern look.
Visit your profile page at https://bugbase.in/profile/[username]
  • Now you can see your top-ranked competitions!
  • Your success rate and total bounty earned is now visible on your profile.
  • Added few more Report statistics like closed reports, total reports and ongoing reports.
  • Hall of Fame mentions are now visible on your profile.
  • Badges earned are now visible on your profile.
  • Social media links can now be added to your profile!

2. Draft Reports & Number of Reports

Hackers can now save their reports as drafts. This will help hackers to save their reports as drafts and continue working on it later.
Additionally hackers can now see the number of reports under each status.
Reports can be saved as drafts by clicking on the Save as Draft button while submitting a report.

3. Hacker Reporting Flow Updations

We have made some changes to the reporting flow for hackers.
3.1. Vulnerability Endpoint
We have added a new section Vulnerability Endpoint to the reporting flow. This section will help hackers to pin-point the endpoint where the vulnerability was found.
3.2. Report Summary
We have added a new section Report Summary to the reporting flow. This section will help hackers to provide a brief summary of the report.
3.3. Report Vulnerability Impact
We have added a new section Report Vulnerability Impact to the reporting flow. This section will help hackers to provide a brief summary of the impact of the vulnerability.
3.3. Syntax Highlighting in Markdown
We have added syntax highlighting in the markdown editor. This will help hackers to write better reports with proper syntax highlighting.

4. Assign Reports to your Team & Track Reports Seamlessly

Companies can now assign reports to their team members. This will help companies to assign reports to their team members and keep track of the reports.

5. Collaboration in Reports

Hackers can invite other hackers to collaborate on their reports. This is only allowed if the program allows collaboration. This will help hackers to collaborate with other hackers on their reports and give more insights on the report.

November 2022

1. Introducing 3 New Tiers for companies

BugBase now has 3 Tiers for companies curated to fit your needs. You can now choose between the Free, Pro and Enterprise tiers.
  • Free - Companies can host unlimted Vulnerability Disclosure Programs (VDPs) free of cost and receive real-time notifications for new vulnerabilities.
  • Professional - Has everything that the Free tier has, plus the ability to host upto 2 Managed Bug Bounty or Private Bug Bounty programs. This tier also includes Integrations that directly connect BugBase with your existing tools like Webhooks, JIRA, Slack, MS Teams and more.
  • Enterprise - Has everything that the Professional tier has, plus the ability to host upto 4 Managed Bug Bounty or Private Bug Bounty programs. This tier also includes Managed Rapid Triage, a dedicated Security Analyst, Priority Support and much more!
To view the full list of features, visit our Pricing Page.

2. The all new VDP Program

Companies can now host their own Vulnerability Disclosure Programs (VDPs) on BugBase. VDPs are a great way to receive real-time notifications for new vulnerabilities and also to build a strong relationship with the security community.
To start with creating a program, join BugBase by clicking here.

October 2022

1. Secondary Notification Email

Now companies can configure an alternate email address to receive notifications.
This is useful for receiving notifications on a group email address or a specific team email rather than a personal email address.
  • All notifications will be sent to the primary email address by default.
  • If you want to receive notifications on the secondary email address, you can enable it in the settings page.

September 2022

1. All new Insights Dashboard

Now companies can efficiently analyse all the important statistic on the dasboard itself.
  • Check the number of resolved and unresolved reports
  • Insights of latest critical reports
  • Report trends with respect to the severity of the report.
  • Quickly get a glimpse of the risk factor, total vulnerabilities and issues.

2. Add assets across programs:

Companies can now add all domains and subdomains as "assets" on BugBase and monitor bugs and vulnerabilities on specific assets. These assets can be used to create programs. Assets can be seamlessly managed on the asset dashboard.

3. Risk level analysis

Companies can now have a quick glance of the total risk factor, this is done by all analysing the severity of all the bugs/vulnerabilities that have been reported.

August 2022

1. New workflow integrations to our integrations suite.

  • Asana Integration: Now companies can seamlessly harness the power of Asana and transfer a bug report as a task, directly onto their Asana Project. A default section needs to be selected in the configuration, the bug report will automatically get created in the chosen default section. Read this guide to learn more about the Asana integration.
  • GitHub Integration: Now, a bug report can now be directly transferred to any selected GitHub repository. A new issue will be created in the selected repository to help companies efficiently track the reports. Read this guide to learn more about the GitHub integration.
We now support integrations with:
  1. 1.
  2. 2.
  3. 3.
  4. 4.
  5. 5.
    Microsoft Teams
  6. 6.

2. Introducing Light Theme on BugBase

The entire platform is now available in dark and light themes.

3. Revamped UI for onboarding a New Program

The new UI provides a seamless interface for creating a new program. Added a new and intuitive timeline based onboarding

4. Added support for zip and mp4 files:

  • Hackers can now submit Zip and Mp4 along with their bug reports
  • Companies can upload zip and mp4 files as questions for the competitions

July 2022

1. Grouping of Assets / Scopes

Now you can group assets and scopes together and have a common bounty for each group.

2. New KYC System for Security Researchers

Now security researchers can verify their paymet via our KYC system.
This also gives them a KYC Verified tag which companies can use to pay bounties
Researchers can save their details and Request for KYC Verification