Reviewing

Reviewing a Report

Open a report and click "Create Review." A review captures:

  • Whether the issue was verified (reproduced).
  • The organization's severity assessment.
  • Whether the issue has been fixed.
  • Classification flags — PII, PHI, access control, confidentiality, integrity, availability.
  • Reviewer notes — internal analysis in Markdown.

You can create multiple reviews as the investigation progresses. Each review is timestamped and attributed to the reviewer.

Internal Messages

Organization members can mark messages as internal, which makes them visible only to other organization members. This is useful for internal discussion that should not be shared with the reporter.

Payments

Organization members can create payments associated with a review. Payments go through an approval workflow: created, approved, then marked as paid. Reporters can see their payment status on the report page.

Publishing

When a report has been reviewed, you can publish it to your connected integrations (Linear, Slack). Publishing creates an issue in your issue tracker and posts a notification to your messaging channel. See the Integrations section for setup details.