🔸Finding Submission

This section covers the finding submission process.

Finding Submission Overview

In order to submit a finding, we recommend doing so directly from theCode Review interface to streamline your workflow.

Let's go through an example of the findings process in action:

  1. Pablo the Security Researcher is performing a competition on Cantina and is using Cantina Code. He stumbles upon a finding in the codebase on line 174:

  1. Pablo wants to report his finding on line 174 and clicks the blue button that appears when he hovers over the area of code he highlighted using his cursor.

  2. Upon clicking the blue button, Pablo is presented with the following:

  3. Pablo has two options: he can leave a comment regarding his thoughts on the interesting area of code or he can go ahead and submit a finding if he feels conviction in the vulnerability he has identified.

  4. Let's say Pablo feels strongly about the bug he's identified and wants to submit a finding. Pablo will go ahead and click Submit Finding which will lead him to the following screen:

  5. Pablo will then fill out the relevant information and click Submit to process his finding submission. After he has submitted his finding - it will appear directly on the code that he has reviewed:

  6. To see an overview of all his findings, Pablo can simply select the Findings tab in the main navbar of the interface to see and manage all the findings he has reported for the security review:

Last updated