Blockers

Blockers help identify a submission that requires additional actions or information from you or the researcher. These requests can originate from Bugcrowd ASEs or Customers who are looking for additional information on a submission. Resolving the request will help them clarify any issues and enable progress on a submission.

Generally, these requests help us to:

  • Clarify details in a submission
  • Obtain updated credentials for a target
  • Access a target
  • Update payment information

Adding a Blocker

  1. In the Activity section for a submission, click Create a blocker

    create-blocker

    The Create a blocker section is displayed.

    create-blocker-box

  2. From the On… drop-down list, select the following:

    • Bugcrowd Operations: Blocker is created on Bugcrowd Operations and the individual who has received the blocker must respond to resolve it.
    • Researcher: Blocker is created on the Researcher(s). The Researcher(s) must respond to resolve the blocker.

    blocker-operations-researcher

  3. If you have selected Bugcrowd Operations, then from the Select a reason drop-down menu, select any of the following options as the reason for the blocker message:

    • Provide information on reproduction
    • Provide information on impact
    • Respond to comments

    blocker-operations-reason

  4. If you have selected Researchers, then from the Select a reason drop-down menu, select any of the following options as the reason for the blocker message:

    • Provide information on reproduction
    • Provide information on impact
    • Respond to comments

    blocker-researcher-options

  5. Click Create.

    blocker-create

    The “Blocker created” message is displayed and the blocker comment will be added to the submission. Please remember to write a comment explaining what you need from the recipient of the blocker.

    Submission can only have a single blocker pending at a time. You can add another blocker only after the existing blocker is resolved.

View Blocker Activities

Each time Bugcrowd creates a blocker it is logged in the submission’s activity feed. Everyone who has access to the submission has full visibility into the blocker’s current state and progress. For example, you can see when a blocker has been created or completed.

blocker-activities

View Blocker Alerts

To help you identify submissions that are blocked, an alert icon will appear in the submissions inbox. The alert notifies you that the submission has been marked by a Bugcrowd ASE as blocked and needs something from either you or a researcher.

blocker-alerts

On the submission, the blocker is displayed at the top as a page alert. The page alert includes a brief description and identifies who has to respond for unblocking the submission. For example, “Waiting on ‘org name’ to provide information” indicates that the ASE is waiting for a response.

alert-message

Note: Blocker alerts are visible to all the researchers on the submission.

Bugcrowd ASEs will provide further context of the blocker in a Team Note in the activity feed.

private-note

Search for Blockers

Generally, submissions that transition between the New and Triage states may require more information as they are being reviewed. Therefore, blockers will appear more often on submissions in these two states.

To find blockers, you can filter your submissions using the blocked-by token. You can then filter by submissions blocked by anyone, customers, researchers, or Bugcrowd operations. You can also search for unblocked submissions.

For more information on Submissions, see filtering submissions.

blocker-filter

Resolve Blockers

Once you resolve the blocker, add a comment on the submission and select the This comment resolves the blocker option.

You can use the commenting method that delivers the information to the intended audience. If you want the information to only be accessible to Bugcrowd, add a team note. Researchers will only see that you resolved the blocker. Otherwise, you can add a regular comment if you want everyone to see your response.

resolve-blocker

After you resolve the blocker, it will be updated on the activity feed and a green checkmark icon will indicate the blocker has been resolved.

green-checkmark