BugCrowd Connector

BugCrowd is a crowdsourced security platform that organizations use for 24/7 Bug Bounty programs and white-hat Vulnerability Disclosure.


To import your internal BugCrowd findings to Cisco Vulnerability Management, use the Cisco Vulnerability Management Security BugCrowd Connector.

Prerequisites

  • The BugCrowd Connector does not need a Virtual Tunnel or Agent.
  • The user must have API Access to the BugCrowd API.
  • The user must have access to the items you want to import to Cisco Vulnerability Management.
  • You must be a Cisco Vulnerability Management administrator.

Configuring your Connector in Cisco Vulnerability Management

1. In the Cisco Vulnerability Management UI, click Connectors.
2. Click Add Connector.
3. In the Bug Bounties section, click BugCrowd.

BugCrowd1.png

 

4. On the Bugcrowd screen, enter the following information:

BugCrowd.png

  • Name: Enter a name for the connector, or leave it as “Bugcrowd."

  • Enter the Username and Password for the user account with the API key and access you need.

  • Schedule: Select the  frequency that you’d like your Connector to run.

  • Asset Inactivity Limit: Enter a time in days for the connector level asset inactivity limit. For BugCrowd connectors, Cisco recommends using a longer Asset Inactivity Limit because these items are ingested less often than a typical Vulnerability Management vulnerability or Application Security Module finding.

5. Click Save and Verify.

What Bugcrowd Items does Cisco Vulnerability Management Import and what API Calls are involved?

Cisco Vulnerability Management will import all of the findings associated with the user account that you are using. Cisco Vulnerability Management will import all of the recognized Submissions from BugCrowd.

 

Fields in BugCrowd

Fields in Cisco Vulnerability Management

Notes

target_name*

Application identifier

Search for application_identifer in Cisco Vulnerability Management by using the custom query box and typing application:""

submissions > Bug_url

URL

Search for url in Cisco Vulnerability Management by using the custom query box and typing url:""

state (is_open)

Vulnerability Status

 

reference_number

scanner_id

 

priority

scanner_score

1-5

vrt_lineage

unique_identifier on the vulnerability page

 

Description

Description

 

Extra Information

Details

 

remediation_advice + vulnerability_references

Diagnosis in Fixes / or scanner_vulnerability in vulnerability

 

 

*Important: Target Name may appear as “Unset BugCrowd Target”

 

The Connector does not import the following:

  • Amount Paid

  • Comments

  • Custom Fields
  • Unfamiliar vrt_records that cannot be logically mapped

    • This information will not fail the connector, but this record will not be included in the successful run.

The API endpoints that Cisco Vulnerability Management uses are:

  •  https://api.bugcrowd.com

  • /submissions/#{bounty_uuid}

  • /bounties/#{bounty_uuid}/submissions

Note: Cisco is currently using the v3 API for BugCrowd at this time.

Optional Settings

The following settings can be enabled on the backend for Bugcrowd Connectors. To have these settings enabled, or for more information, please contact Support, or your Customer Success Engineer.

Exclude Informationals

When you enable this option, Cisco Vulnerability Management will only import vulnerabilities that include a CVE, CWE, or WASC ID.

Ignore Scanner Last Seen Time

Select this setting if you do not want the asset last seen time in Cisco Vulnerability Management to be the scanner reported last seen time.

Custom Ordered Locators

Locators (such as IP, Netbios, and FQDN) can be reordered to better deduplicate vulnerabilities on the Connector level or the entire Platform level. For more information, see the help article here.

Common Reasons for BugCrowd Connector Run Failures

  • Bad credentials

  • No reports are found, Cisco Vulnerability Management will abort

  • Failed API calls

  • Inability to process unexpected data/format

  • If more than 1% of connector payloads fail, Cisco Vulnerability Management will auto-fail the Connector Run.

Additional Assistance

Contact Support if you require any additional assistance with the Bugcrowd Connector.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.