Researcher Documentation

Welcome to the researcherdocs developer hub. You'll find comprehensive guides and documentation to help you start working with researcherdocs as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started
improved

Payoneer Update

Posted by Richard Yang about a year ago

Hackers can now delete their connected Payoneer account within Payment Methods.

added

Program Search Launched

Posted by Barnett Klane about a year ago

Hackers are always looking for their next target to dig into. Now with our new program search, this is more flexible and easier than ever before. With new advanced text search and filtering, researchers can search by skill, special reward incentives, as well as programs previously submitted to, some of the many levers Bugcrowd’s expert team uses to invigorate program participation over time. This creates better visibility across all programs and helps customers connect with the right researchers for their program.

Updating to VRT 1.7

Posted by Barnett Klane about a year ago

We recently released VRT v1.7, with a platform integration planned for the week of March 25th. The release includes but is not limited to the below updates, learn more here.

Payments Update

Posted by Barnett Klane about a year ago

Researchers’ Payment settings have been moved from Account settings tab into a Payment Methods tab. As well as, updated the payment csv export by date order. Allowing researchers a more simplified view of their payment timeline and submissions.

improved

File Support Update

Posted by Barnett Klane about a year ago

No longer need to upload large files to external sources, platform now supports 100MB for all file uploads. Allowing customers and researchers to upload larger files than ever before.

added

Application Security Engineer Listed

Posted by Barnett Klane about a year ago

With Bugcrowd triage, easily identify who your current primary Application Security Engineer (ASE) is right from your program summary page.

improved

Updating to VRT 1.6

Posted by Barnett Klane about a year ago

Updated VRT 1.6 includes two major changes: revision to internal SSRF, and how we rate email spoofing, more specifically the baselines around SPF and DMARC.

added

Point Reward System Better Aligns Expectations and Acknowledges Researchers for Their Hard Work

Posted by Barnett Klane about a year ago

Improvements to the point reward system have been made to better align expectations between customers and researchers. Qualifying“Won’t Fix” submissions will be rewarded points to recognize the researchers for their hard work, while setting the expectation that the vulnerability is an accepted risk that will not be fixed.Researchers can now download a CSV with remitted payments. Researchers are once again receiving email notifications for VRT or priority updates to their submissions.

improved

Updating to VRT 1.5

Posted by Barnett Klane about a year ago

The latest VRT release (version 1.5) includes the following updates:
-Improving transparency by adding multiple entries for commonly reported issues
-Aligning the baseline severity rating to best reflect the market by increasing taxonomy granularity

added

Crowdcontrol Improves Adjusted Payment Workflow

Posted by Barnett Klane about a year ago

Although rare, customers have made a mistake when rewarding for vulnerabilities and, therefore, adjustments may be needed. Upon the cancelation of a reward, researchers will be notified and informed of the reason for the change. Customers can then award the correct amount.