Introduction To BugDazzApril 3, 2023
A Quick Guide To Incident Response PlanningApril 7, 2023
BugDazz is now powered with a security posture dashboard called Explorer and this accelerates the pentesting to our clients with the Onboard Client feature, our clients can now organize the pentests, reports, and vulnerabilities based on their organization.
Earlier, we had a large number of projects, remediation reports, and vulnerabilities and should search them through the programs List menu. This happens to be quite cumbersome when a large number of organizations sprung up on the Programs list.
Here is a Eureka moment for us, and guess what! We are back again with the new feature release.
Let’s get into the details of the Onboard Client feature:
The following are the different phases for adding a new organization on BugDazz and generating vulnerabilities, reports, and remediation for different phases:
A bird’s eye view for a quick look at your organization status and updates on all the functionalities we discussed above. At a single click, you get a complete snapshot of
- Stats tab of vulnerabilities: Displays statistics of vulnerabilities only of organization of User(client side)
- Users Tab: Take a look at users from client organization who are added from your organization
- Documents Tab: View all the documents that have been uploaded by your clients and your organization team on BugDazz
- Reports: You can even now upload reports here. These reports may be of general inspection takeaways citing security posture or difficulties you face.
Call me Tracker, Activity Tracker, TrackMyPentest , TrailTracker and much more.
This is the feature which tracks all the activities made by pentesters and clients and displays it in Logs. A manager’s lens is needed for the BugDazz since a lot of vulnerability management and activities ranging from Onboarding the customer, uploading sow’s and documents, addition and deletion of users, retesting and many more are tracked in Logs.
The users of BugDazz can now get a quick glimpse of most recent activities with their details in Log Records. Indeed, it is the activities history of BugDazz. Watch it over.
Wanna see Log tracking activities in action. Watch it below
Track Log Activities
Save the details of your organization on this page. We fill all the details of Organization for following fields.
- Organization Name: Organization’s complete name
- First Name: User’s first name
- Last Name: User’s last name
- Email: User’s Email address
- Designation: User’s designation
- Contact: User’s Mobile number
- User Group: According to user group, different functionalities of BugDazz are enabled/disabled for the User added.
Choose a subscription period. The default subscription period is one year.
More Details: While adding the subscription, the client can add documents, invoices, payment receipts etc. and are tagged while uploading. However, the documents with tags of SOW needs approval from BugDazz team.
If SOW is found incomplete, the client will receive an email.
Now get the details of organization at once. Check if the data is consistent and fulfils all the requirements for further business to proceed.
Lets add a Client
This will showcase all organizations with status of active, inactive, and incomplete.
- Active: Provides a list of current active organizations in BugDazz and are using its features. The organization’s status will be changed to inactive if any details, payments, or subscription period are invalid.
- Incomplete: This status indicates incomplete or invalid information during the onboarding process. When incomplete information is found during the onboarding process, the organization will receive an e-mail with the reasons for the incomplete status.
- Inactive: This status indicates incomplete payments or expired subscriptions.
Lets change the status and approve the clients
Start as Sales Head. Let’s edit our existing Client
Note: Editing or modifying details can be done only if our client isn’t approved. Status should be in ‘Pending’ state.
Here, all the statistics are showcased based on the type, such as count of critical, high, medium, low, and informational.
In the leftmost tab at the top, we show the alias, BugDazz URL, and organization status (active, inactive, pending).
The key features of this tab are:
- Stats: Aggregated statistics of different vulnerabilities according to their severity for all the organizations onboarded on BugDazz.
- Active Users: Add or disable users for the organization. The users need to be approved by the BugDazz team.
Lets add Users
- Documents: Upload including all SOWs, Payment receipts, and other documents. The SOW documents are put for the approval process, while the rest are uploaded directly.
Attach Docs and SOW
- Vouchers: Indicates the number of vouchers consumed by the Organization.
- Reports: Contains a detailed report on findings and remediation of different assets. The client can also upload their reports, which contain necessary information or comments on observations of pentests. Most reports are uploaded by the Pentest team, which includes detailed information on remediation, findings, OWASP compatibility, etc.
We are not done yet. BugDazz Team believes in being a mutant and continuously evolving product focused on customer needs,