Practise the standard verbs for triaging bug bounty submissions effectively.
0 / 5 completed
1 / 5
Fill in: 'We ___ every incoming bounty submission by severity and validity within a set window, rather than letting reports pile up unread.'
We 'triage a submission' — the standard, simple collocation for prioritising incoming security reports. The other options are less idiomatic here.
2 / 5
Fill in: 'Leaving bounty submissions unreviewed for weeks can ___ a genuinely critical vulnerability sitting exploitable while a researcher waits for any response at all.'
We say a slow triage will 'leave' a real vulnerability exploitable — the standard, natural collocation for the resulting exposure. The other options aren't idiomatic here.
3 / 5
Fill in: 'We ___ every reported issue ourselves before paying out, since a report that can't actually be reproduced isn't a confirmed vulnerability yet.'
We 'reproduce an issue' — the standard, simple collocation for confirming a reported vulnerability internally. The other options are less idiomatic here.
4 / 5
Fill in: 'We ___ researchers fairly and promptly according to the published scale, since a slow or stingy payout quietly drives good researchers to report elsewhere.'
We 'reward a researcher' — the standard, simple collocation for compensating a valid bounty submission. The other options are less idiomatic here.
5 / 5
Fill in: 'We ___ every submission with a clear, specific explanation, whether it's accepted, rejected, or a duplicate, rather than a bare status change with no comment.'
We 'close a submission' — the standard, simple collocation for formally concluding a bounty report with a clear explanation. The other options aren't idiomatic here.