Commenting

ASEs identify critical customer comments and prioritize responding to them. The types of comments are private comment and reply to researcher comment.

When adding comments, you can style your text using the Markdown syntax. For more information, see using markdown for formatting content.

Adding a Private Comment

Private comments are only viewable by customers and ASEs, not researchers.

When you click Add a private comment, the following screen is displayed.

private-comment

Click Save private comment to send the message to Bugcrowd and your team on Crowdcontrol.

Replying Directly to Researcher

When you click Reply to (user name), the following screen is displayed.

direct-to-user

Click Send message. The message is sent to the researcher and it is visible to all in the submission activity stream. The researcher will receive an email notification that you have commented on their submission for additional information from them. Even if the submission is not yet claimed, the email notification is sent to the researcher.

The Reply to (researcher) option is unavailable for submissions made anonymously (through the embedded form without providing an email address) or has no associated researcher (example, through Qualys).

Adding Blocker When Replying to Comment

You can add a blocker for a submission. For information about blockers, see blockers.

Viewing Submission Activities

Each submission has an activity stream that maintains a history log of all actions, comments, and changes that have been made to a submission and a record of the person who made the changes.

activities

When you comment on a submission, you automatically subscribe to receive updates for that submission. Learn more about submissions and how to unsubscribe from them.

When adding a comment, you can notify a team member directly by mentioning their name using the “@” key. This is useful when you need to alert someone who is not currently assigned or subscribed to a submission.

Mention the Application Security Engineer on-staff for your submission by mentioning @Bugcrowd.

Uploading an Attachment with Your Comment

When replying to a researcher or sending a private message, you can click Add attachments and attach a video, image, or PDF. This helps you share sensitive information without uploading it to third party.

add-attachment

Browse to the location of the file you want to upload. You can attach up to five files at a time. The supported file types are avi, gif, jpg, mov, mpeg, and pdf.

The size of each uploaded file cannot exceed 100 MB.

The attached files are displayed as shown. To delete an attachment,. click X icon.

attachments-uploaded

Editing a Comment

Editing prior to notifications: If you are able to edit the comment within two minutes the notifications to other users around the comment will use the updated text. Note integrations will trigger right away and will not receive the updated text.

You can edit comments and/or private notes.

To edit a comment, click the icon on the right side of the comment and click Edit.

edit-comment

Make the required changes and click Save Comment.

save-comment

The Comment Updated message is displayed.

Deleting a Comment

You can delete comments and/or private notes.

To edit a comment, click the icon on the right side of the comment and click Delete.

delete

A pop-up message asking for confirmation is displayed. Click OK. The comment is deleted and [DELETED] is displayed in the activity feed.

deleted-message


Onboarding
Account Management
Program Management
Reporting
Submission Management
Integration Management