The Security Posture Report provides information about the type, severity, the number of vulnerabilities received, your team’s ability to quickly act, and learn from findings. This report helps in identifying trends in response and resolution times, and changes to the received vulnerabilities. Based on industry benchmarks, you can quickly map your progress compared to industry peers. The report is generated as a PDF file.
The Security Posture Report includes the following sections:
- Executive Summary: Provides the purpose of the report and summarizes the report details.
- Resolution Trend: Includes a graph that shows how quickly your organization is resolving submissions. It shows the time taken between acceptance and resolution for submissions.
- Opportunities: Provides information about how your organization is performing compared to the peers in your industry. Based on this information along with an understanding of unique industry trends, Bugcrowd may recommend actions that can help to improve submission volume.
-
Security Posture: Provides information about the following:
- Number of open vulnerabilities for your program.
- Targets in your program that have the most submissions.
- Targets that require additional attention from your team.
- Submissions: Provides details of valid submissions for your program for the last 30 days.
To generate a Security Posture Report:
-
After logging into Crowdcontrol, select a program from the drop-down menu, and then click the Reports menu. The Reports page is displayed.
-
Click Generate report and then click Security Posture Report.
The Create Security Posture Report page is displayed.
- Provide the following information:
- Report title: Title for the report.
- Bounty name: Program name for which you are generating the report.
-
Click Generate report. You will receive an email to download the report.
The generated report is displayed as a link on the Reports page. Refresh the page to view the link.
Note: The report title link is active only after the PDF report is generated.
-
Click the link to view the report details.