II.
Workflow overview
Reference · live · workflow:bug-bounty-triage
Bug Bounty Triage overview
Triages incoming bug bounty reports — validating reproducibility, assessing severity, deduplicating against known issues, coordinating with engineering for fixes, communicating with researchers, and managing reward payouts. Excludes the fix implementation.
Attributes
displayName: Bug Bounty Triage
workflowKind: security
triggerType: event-driven
typicalCadence: per-report
complexity: single-team
description: Triages incoming bug bounty reports — validating reproducibility,
assessing severity, deduplicating against known issues, coordinating
with engineering for fixes, communicating with researchers, and managing
reward payouts. Excludes the fix implementation.
Outgoing edges
applies_to_domain (2)
- domain:cybersecurity · Domain · Cybersecurity
- domain:security · Domain · Security
involves_role (3)
- role:security-reviewer · Role · Security Reviewer
- role:vulnerability-scanner · Role · Vulnerability Scanner
- role:engineering-manager · Role · Engineering Manager
performed_by_org_unit (2)
- org-unit:security-team · OrgUnit · Security Team
- org-unit:application-security-team · OrgUnit · Application Security Team
requires_skill_area (1)
- skill-area:incident-response · SkillArea · Incident Response
triggers_responsibility (2)
- responsibility:triage-incoming-issues · Responsibility · Triage incoming issues
- responsibility:security-review · Responsibility · Security review
Incoming edges
None.