Your Researcher Dashboard provides you with insights to how you have been performing across all programs. The information you find on your dashboard is very similar to what appears on your researcher profile (https://bugcrowd.com/<your username>), except with a couple of differences:
- You can control the visibility of your profile on public facing pages, such as leaderboards.
- You can drill down into your submission stats by year, last 90 days, and the current month.
- You can see a breakdown of your vulnerabilities by vulnerability type.
To learn more about performance stats, read more a Researcher Profile.
To share your researcher profile publicly, go to your dashboard and toggle the Public researcher profile option on.
Otherwise, if you toggle the option off, your profile will not be accessible to anyone and you will appear as "Private user" on all publicly facing pages, such as leaderboards.
Your dashboard contains the following pieces of information:
- Your rank
- The total amount of points you've earned
- Whether your profile has been verified
- Your all-time performance stats, which include the number of vulnerabilities you've reported, the accuracy of your submissions, and the severity of the vulnerabilities you've reported
- A breakdown of the target types you've reported on
Your rank reflects your overall standing compared to other researchers. Your rank is determined by your total number of points compared to other researchers. The more points you have, the higher your rank.
Your performance stats help you understand the quality and volume of your submissions. You can track how you are doing over time or within a certain time frame. Just select a different time range to change the view.
Your performance stats includes the following information:
- Total Vulnerabilities - The total number of valid vulnerabilities. These include submissions marked as unresolved, resolved, duplicate, or won't fix.
- Accuracy - This measures the percentage of submissions that are valid. This metric is calculated by dividing your total number of valid vulnerabilities submitted over your total number of submissions.
- Average Severity - This is measured by looking at all of your valid vulnerabilities, adding up the total number by its technical severity, based on a scale from 1 to 4 (1 representing a P1, the most critical vulnerability, and 4 representing a P4, the lowest critical vulnerability) and dividing that number by total valid submissions. *Ex: P1 = 2, P2 = 0, P3 = 3, and P4 = 4 ---> total = 1+1+3+3+3+4+4+4+4 = 28/9 =
average technical severity= 3.11
- Volume of Reported Vulnerabilities - This graph provides a chronological snapshot of your total number of valid and invalid vulnerabilities that you have ever submitted.
- Submission Type - This tracks the volume of submissions based on the types of vulnerabilities you've submitted and the types of targets you've submitted on.
- Target Type Breakdown - This tracks the volume of submissions based on the target type (e.g. IoT, Website, API, iOS, Android, Hardware, Other, Not Categorized).