🪐
Cantina Docs
  • 🪐Welcome to Cantina
  • 🤝Services
    • Security Reviews
    • Competitions
    • Bug Bounty
    • Guilds
    • Public Goods
  • 💵Referral program
  • 📄Public Reports
  • 👑Reputation
  • 👥Cantina Account
    • 🔷Claim an Account
    • 🔷Company Account
      • 🔹Create a Company Account
      • 🔹Managing users
      • 🔹Company Dashboard
      • 🔹Company Reviews
    • 🔷Security Researcher Account
      • 🔹Create Security Researcher Account
      • 🔹Security Researcher Dashboard
      • 🔹Calendar
      • 🔹Reviews
      • 🔹KYC and Payments
  • 💻Cantina Code
    • 🕵️Cantina Code for Security Researchers
      • 🔶Code Review
        • 🔸Download content and toggle sidebar
        • 🔸Highlighting code
      • 🔶Findings
        • 🔸Findings Submission
        • 🔸Findings Labels
        • 🔸Findings Status
        • 🔸Add code to existing finding
        • 🔸Examples
      • 🔶Chat
      • 🔶Reports
      • 🔶Comments & Pings
      • 🔶Diagrams & Formulas
    • 🏢Cantina Code for Companies
      • 🗄️Responding to Pings
      • 🗄️Responding to Findings
      • 🗄️Report Generation
  • 🏆Cantina Competitions
    • 🕵️For Security Researchers
      • 🔶Payments
      • 🔶Teams
      • 🔶Finding Status
      • 🔶Finding Labels
    • 🏢For Companies
      • 🗄️Competition Submission Template
    • 🧑‍⚖️Judging Process
      • 📜Finding Severity Criteria
      • 📜Scoring
      • 📜Judging Phase
      • 📜Escalation Process
    • 🤝 Fellowship Steward Model
  • 💰 Cantina Bounties
    • 🕵️For Security Researchers
      • 🔶Bug Bounty Finding status
    • Bounty Severity Classification
    • Mediation Process for Bounties
  • ✅ Cantina Bug Bounty Coverage
    • Cantina Coverage Details
  • ❓FAQ
    • ❔FAQ Competitions
    • ❔FAQ Security Reviews
  • 🔗Links
Powered by GitBook
On this page
  • How to access cantina repo?
  • I am doing a security review and not a competition. Can the client see my comments and findings?
  • Can i ping fellow SRs?
  • Can i communicate natively on a cantina repo?
  • Can I mark finding as FIXED or ACKNOWLEDGED?
  • Can i download a cantina repository?
  1. FAQ

FAQ Security Reviews

How to access cantina repo?

A core team member must set it up first, then share the link with you. Direct access to cantina repo from SR dashboard not yet supported. A workaround is to:

  • Access it through notifications.

  • Saving the link corresponding to the cantina repo review.

  • If its related to Competitions

    • Click on your user profile on the top right side of the interface.

    • Access it through the Security Researcher Dashboard

I am doing a security review and not a competition. Can the client see my comments and findings?

Yes, but it may be hard to locate comments. When leaving comments, always ping @project so they receive a notification. Note that when a comment is a reply to another comment, all the users that left a comment in the thread will get a notification.

Can i ping fellow SRs?

No. It is not possible to ping the username of the security researchers in your team yet.

Can i communicate natively on a cantina repo?

Chat like functionality is not yet available. You can nevertheless

  • Communicate via comments.

  • Communicate on the finding thread.

  • Ask the core team to set up private discord communication channels.

Can I mark finding as FIXED or ACKNOWLEDGED?

Not yet. To finalize the status of a finding it will have to be done with a comment on that finding.

Can i download a cantina repository?

Yes. Download content and toggle sidebar. You should nevertheless have access to the original repo with the code in scope (if you do not, reach out to core team).

PreviousFAQ CompetitionsNextLinks

Last updated 1 year ago

❓
❔