Generally, these requests help us to:
- Clarify details in a submission
- Obtain updated credentials for a target
- Access a target
- Update payment information
Add a Blocker
When adding a private comment or replying directly to a user, you can select the Create a Blocker option.
- To set a blocker for Bugcrowd Operations or Researchers, select any of the following options from the drop-down:
- Bugcrowd Operations: The blocker is created for the Bugcrowd operations. The Bugcrowd operations must respond to resolve the blocker.
- Researcher: The blocker is created on the Researcher(s). The Researcher(s) must respond to resolve the blocker.
- Select one of the reasons for creating the blocker:
- Provide information on reproduction
- Provide information on impact
- Respond to comments
Click Save private comment or Send message based on your initial selection.
The comment along with the blocker will be added to the submission.
A submission can only have a single blocker pending at a time. You can add another blocker only after the existing blocker is resolved.
View Blocker Activities
Each time Bugcrowd creates a blocker it is logged in the submission’s activity feed. Everyone who has access to the submission has full visibility into the blocker’s current state and progress. For example, you can see when a blocker has been created or completed.
View Blocker Alerts
To help you identify submissions that are blocked, an alert icon will appear in the submissions inbox. The alert notifies you that the submission has been marked by a Bugcrowd ASE as blocked and needs something from either you or a researcher.
On the submission, the blocker is displayed at the top as a page alert. The page alert includes a brief description and identifies who has to respond for unblocking the submission. For example, “Waiting on ‘org name’ to provide information” indicates that the ASE is waiting for a response.
Note: Blocker alerts are visible to all the researchers on the submission.
Bugcrowd ASEs will provide further context of the blocker in a Team Note in the activity feed.
Search for Blockers
Generally, submissions that transition between the New and Triage states may require more information as they are being reviewed. Therefore, blockers will appear more often on submissions in these two states.
To find blockers, you can filter your submissions using the
blocked-by token. You can then filter by submissions blocked by anyone, customers, researchers, or Bugcrowd operations. You can also search for unblocked submissions.
For more information on Submissions, see filtering submissions.
Once you resolve the blocker, add a comment on the submission and select the Notify Bugcrowd Operations that the blocker is resolved option.
You can use the commenting method that delivers the information to the intended audience. If you want the information to only be accessible to Bugcrowd, add a team note. Researchers will only see that you resolved the blocker. Otherwise, you can add a regular comment if you want everyone to see your response.
After you resolve the blocker, it will be updated on the activity feed and a green checkmark icon will indicate the blocker has been resolved.