Skip to main content
All CollectionsAutomations
Automation Security & Event Mapping
Automation Security & Event Mapping

Organizations: Learn what access automations have and how to map activity

Updated over 3 months ago

Automation Security & Access

By default, automations have all privileges for your organization, as well as every program and inbox in your organization. These permissions are granted to them via the Automations organization member group. Every automation is associated with a unique API user who is automatically added to the Automations organization member group.

The Automations organization member group is automatically created the first time an automation is created. This group is granted all organization, engagement, and asset-level permissions. This group is not automatically assigned these permissions for new engagements or inboxes, so you’ll have to manually assign those permissions whenever you create a new engagement or inbox. Otherwise, the automation will not be able to access these engagements or inboxes via the API.

Activity and Event Mapping

Whenever an action is performed on a report, it is recorded as an activity. When these activities are created, they dispatch an event. This event can trigger webhooks or automations. The following overview shows the event that will be triggered when an activity is created.

Description

Event

Activity

When a bounty is awarded on a report.

ReportBountyAwarded

BountyAwarded

When a bounty is suggested on a report.

ReportBountySuggested

BountySuggested

When a comment is added to a report by the hacker or a team member.

ReportCommentCreated

Comment

When a hacker declines a claimed retesting opportunity.

ReportRetestUserLeft

UserLeftRetest

When a hacker has taken too long to complete their claimed retest.

ReportRetestUserExpired

RetestUserExpired

When a hacker submits a report.

ReportCreated

BugFiled

When a report becomes publicly disclosed.

ReportBecamePublic

ReportBecamePublic

When a report custom field value is updated.

ReportCustomFieldValueUpdated

ReportCustomFieldValueUpdated

When a report is agreed to be publicly disclosed.

ReportAgreedOnGoingPublic

AgreedOnGoingPublic

When a report is assigned to a group for triaging.

ReportGroupAssigned

GroupAssignedToBug

When a report is assigned to a user.

ReportUserAssigned

UserAssignedToBug

When a report is awarded swag.

ReportSwagAwarded

SwagAwarded

When a report is being retested.

ReportRetesting

BugRetesting

When a report is changed from disclosed to no longer disclosed.

ReportUndisclosed

ReportUndisclosed

When a report is closed as duplicate.

ReportClosedAsDuplicate

BugDuplicate

When a report is closed as informative.

ReportClosedAsInformative

BugInformative

When a report is closed as not applicable.

ReportClosedAsNotApplicable

BugNotApplicable

When a report is closed as spam.

ReportClosedAsSpam

BugSpam

When a report is locked.

ReportCommentsClosed

CommentsClosed

When a report is manually disclosed.

ReportManuallyDisclosed

ManuallyDisclosed

When a report is marked as ineligible for bounty.

ReportNotEligibleForBounty

NotEligibleForBounty

When a report is marked as needing more info.

ReportNeedsMoreInfo

BugNeedsMoreInfo

When a report is pending program review.

ReportPendingProgramReview

BugPendingProgramReview

When a report is reopened.

ReportReopened

BugReopened

When a report is resolved.

ReportResolved

BugResolved

When a report is triaged.

ReportTriaged

BugTriaged

When a report remediation guidance is updated.

ReportRemediationGuidanceUpdated

ReportRemediationGuidanceUpdated

When a report retest is approved by a team member.

ReportRetestApproved

ReportRetestApproved

When a report retest is completed by a hacker.

ReportUserCompletedRetest

UserCompletedRetest

When a report retest request is canceled.

ReportRetestCanceled

ReportRetestCanceled

When a report severity rating is updated by any user.

ReportSeverityChanged

ReportSeverityUpdated

When a report title is changed.

ReportTitleChanged

ReportTitleUpdated

When a report triage summary is created.

ReportTriageSummaryCreated

ReportTriageSummaryCreated

When a report's custom inboxes are updated.

ReportOrganizationInboxesUpdated

ReportOrganizationInboxesUpdated

When a team member rejects a retest.

ReportRetestRejected

ReportRetestRejected

When the state of the report is changed back to new and requires action.

ReportNew

BugNew

Supported Integrations

Automatically escalate vulnerability report data to the following integrations.

Did this answer your question?