Automation Security & Access
By default, automations have all privileges for your organization, as well as for every program and inbox in your organization. These privileges are granted through the Automations organization member group. Every automation is associated with a unique API user, which is automatically added to the Automations organization member group.
The Automations organization member group is created automatically the first time an automation is created. This group is granted all organization, engagement, and asset-level permissions. However, it is not automatically assigned these permissions for new engagements or inboxes, so you must assign them manually whenever you create a new engagement or inbox. Otherwise, the automation will not be able to access that engagement or inbox via the API.
Activity and Event Mapping
Whenever an action is performed on a report, it is recorded as an activity. When an activity is created, it dispatches an event, and that event can trigger webhooks or automations. The following overview shows which event is triggered when each activity is created.
Description | Event | Activity |
When a bounty is awarded on a report. | ReportBountyAwarded | BountyAwarded |
When a bounty is suggested on a report. | ReportBountySuggested | BountySuggested |
When a comment is added to a report by the hacker or a team member. | ReportCommentCreated | Comment |
When a hacker declines a claimed retesting opportunity. | ReportRetestUserLeft | UserLeftRetest |
When a hacker has taken too long to complete their claimed retest. | ReportRetestUserExpired | RetestUserExpired |
When a hacker submits a report. | ReportCreated | BugFiled |
When a report becomes publicly disclosed. | ReportBecamePublic | ReportBecamePublic |
When a report custom field value is updated. | ReportCustomFieldValueUpdated | ReportCustomFieldValueUpdated |
When a report is agreed to be publicly disclosed. | ReportAgreedOnGoingPublic | AgreedOnGoingPublic |
When a report is assigned to a group for triaging. | ReportGroupAssigned | GroupAssignedToBug |
When a report is assigned to a user. | ReportUserAssigned | UserAssignedToBug |
When a report is awarded swag. | ReportSwagAwarded | SwagAwarded |
When a report is being retested. | ReportRetesting | BugRetesting |
When a report is changed from disclosed to no longer disclosed. | ReportUndisclosed | ReportUndisclosed |
When a report is closed as duplicate. | ReportClosedAsDuplicate | BugDuplicate |
When a report is closed as informative. | ReportClosedAsInformative | BugInformative |
When a report is closed as not applicable. | ReportClosedAsNotApplicable | BugNotApplicable |
When a report is closed as spam. | ReportClosedAsSpam | BugSpam |
When a report is locked. | ReportCommentsClosed | CommentsClosed |
When a report is manually disclosed. | ReportManuallyDisclosed | ManuallyDisclosed |
When a report is marked as ineligible for bounty. | ReportNotEligibleForBounty | NotEligibleForBounty |
When a report is marked as needing more info. | ReportNeedsMoreInfo | BugNeedsMoreInfo |
When a report is pending program review. | ReportPendingProgramReview | BugPendingProgramReview |
When a report is reopened. | ReportReopened | BugReopened |
When a report is resolved. | ReportResolved | BugResolved |
When a report is triaged. | ReportTriaged | BugTriaged |
When a report remediation guidance is updated. | ReportRemediationGuidanceUpdated | ReportRemediationGuidanceUpdated |
When a report retest is approved by a team member. | ReportRetestApproved | ReportRetestApproved |
When a report retest is completed by a hacker. | ReportUserCompletedRetest | UserCompletedRetest |
When a report retest request is canceled. | ReportRetestCanceled | ReportRetestCanceled |
When a report severity rating is updated by any user. | ReportSeverityChanged | ReportSeverityUpdated |
When a report title is changed. | ReportTitleChanged | ReportTitleUpdated |
When a report triage summary is created. | ReportTriageSummaryCreated | ReportTriageSummaryCreated |
When a report's custom inboxes are updated. | ReportOrganizationInboxesUpdated | ReportOrganizationInboxesUpdated |
When a team member rejects a retest. | ReportRetestRejected | ReportRetestRejected |
When the state of the report is changed back to new and requires action. | ReportNew | BugNew |
Supported Integrations
Automatically escalate vulnerability report data to the following integrations.