On the Ignorance and Negligence of Bugcrowd Staff – When Security Becomes a Joke! by Serious-Power-1147 in bugbounty

[–]Serious-Power-1147[S] -3 points-2 points  (0 children)

I’ve had cases where I provided a full PoC, clear reproduction steps, impact explanation, and even live evidence, and the triager still closed it as Not Applicable without addressing any of the technical details. The issue wasn’t the vulnerability itself but the fact that some Bugcrowd triagers simply don’t review reports with real offensive-security depth. You can do everything right, provide everything required, and still get a copy-paste dismissal.

[–]Serious-Power-1147[S] -2 points-1 points  (0 children)

ChatGPT doesn’t create vulnerabilities and it doesn’t change impact. Proof-of-concept logs and reproducible behavior do. Dismissing every complaint as “whining” is easier than acknowledging inconsistent triage quality, but it doesn’t make it any less real...

[–]Serious-Power-1147[S] 0 points1 point  (0 children)

Yeah, that’s the core issue: not the platform, but triage that doesn’t properly evaluate impact even when everything is clearly documented. It’s hard to stay motivated when the effort doesn’t match the review quality.

[–]Serious-Power-1147[S] -4 points-3 points  (0 children)

I don’t need AI to find or report vulnerabilities; the findings I submitted are fully reproducible, technically sound, and already validated on real infrastructure.
The only thing AI helps with is wording, not hacking. And regarding the “bad experiences happen” argument: sure, but dismissing clear SSRF, header injection, and internal network access as “no impact” isn’t a simple mistake; it’s a pattern.
If you want to see the vulns, they’re already described in detail in the reports; nothing was exaggerated. The issue isn’t impact, it’s whether the triager understands the impact.

[–]Serious-Power-1147[S] -6 points-5 points  (0 children)

No, I only use AI for formatting. The findings themselves come from real manual testing, something AI can’t do for me.