HackEDU

Integrating Bugcrowd with HackEDU allows you to automatically use the vulnerabilities of your bug bounty programs for building dynamic training plans for developers.

This integration is built and maintained by HackEDU. For questions, send an email to support@hackedu.com. .

Setting Up HackEDU Integration

Before you setup the integration, you must be a HackEDU and Bugcrowd customer.

After you set up the integration, all submissions that have an Unresolved state are pushed to HackEDU in the format that you choose.

Generate an API Key in Bugcrowd

  1. Go to https://tracker.bugcrowd.com/user/api_credentials.

  2. In Application name, type HackEDU and click Create credentials.

    bugcrowd-api-key-hackedu

    A section with your token credentials will be displayed. Make sure you make a note of these credentials before leaving the page. The credentials will not be viewable after the page is refreshed or if you move away from this page.

Install Integration in HackEDU

To set up the HackEDU integration, you must generate an API token that allows Bugcrowd to authenticate to HackEDU’s API.

  1. Log in to HackEDU as an administrator.

  2. Go to the Admin Dashboard.

  3. In the left menu, click Settings > Data Integrations.

  4. Click Add Integration.

    add-integration

  5. From the list of integrations, select Bugcrowd.

  6. Chose whether to apply these vulnerabilities to your entire organization or only for a specific team.

    apply-data

    You can click the link at the bottom of this page to view the data that is accessible from HackEDU and the events that occur if you continue with integration. For information about HackEDU’s security and data policies, see HackEDU security.

  7. Enter your Bugcrowd Basic Authentication Username and Password for the integration, and click Continue.

    bugcrowd-authentication

  8. If you have multiple Bugcrowd programs, you will be prompted to select the program that you want to apply for the integration.

  9. Confirm the details of your integration and click Finish.

    finish

  10. Your integration will automatically begin to sync, and will re-sync once a day. Click on the integration to view the data that is synchronized, and to open the original Bugcrowd submissions.

    synchronization

Setting up Training Plans

Once the vulnerability data is available in HackEDU, an Adaptive Training Plan can be setup for training the developers. For information to setup the training plan, see adaptive training plan.