Cantina’s bug bounty programs connect protocols with vetted security researchers to identify real-world vulnerabilities in live code, featuring intelligent filtering and transparent reporting.
Program Setup
This phase involves establishing your bug bounty program, from setting up the platform to configuring the security frameworks. The Cantina team will assist in ensuring all necessary settings are tailored for your organization’s goals and security needs.
Scope Definition
This phase defines the boundaries of your bug bounty program, including which systems, components, and protocols are in scope. A well-defined scope ensures high-quality submissions and efficient resource allocation for both researchers and your development team.
Vulnerability Reporting
When a researcher discovers a vulnerability, they report it through the Cantina platform. The report includes steps to reproduce, severity level, and suggested remediation, so your team receives a clear and actionable report.
Triage Process
All reported vulnerabilities go through a structured triage process. Our team evaluates the severity and impact, prioritizing issues based on risk. This process ensures that your team can focus on the most critical vulnerabilities first.
Rewards and Payments
Once vulnerabilities are confirmed and validated, the reward payout process begins. Cantina ensures seamless and timely payments to researchers based on severity, keeping the reward system fair and transparent.
Disclosure Policy
Cantina’s disclosure policy governs how vulnerabilities are handled and disclosed, including communication guidelines with the researcher and public disclosure protocols. We ensure that all disclosures are managed securely and transparently, protecting both the researcher and the organization.