Bugtri

How Bugtri Works

From the moment a vulnerability report arrives in your mailbox to the triage summary landing in your inbox - here's exactly what happens at every step.

From report to triage in seconds

Watch a vulnerability report travel through Bugtri's pipeline: sanitised, analysed by AI, and delivered back to your inbox.

Researcher: sends report
Shared Mailbox: security@company.com
Sanitises Report: strips URLs, IPs, emails, domains & custom data
AI Cloud: analyses & classifies
Assembles & Delivers: restores tokens, appends original report
Your Inbox: summary + original

Recognised URLs, IPs, and emails are stripped before reaching the AI
Tokens are restored automatically in the final email
Original report is appended unmodified below the summary

The full journey of a report

From the moment a researcher hits send to the triage landing in your inbox - here's exactly what happens.

Step 1

Researcher submits a report

A security researcher discovers a vulnerability and emails their findings to your shared mailbox - typically security@yourcompany.com. The report may contain sensitive internal URLs, IP addresses, email addresses, and domain names embedded throughout the text.

From: jacob.riggs@pm.me
To: security@yourcompany.com
Subject: [Vulnerability Disclosure] SQL Injection in Login Endpoint

Hi Security Team, I've identified a time-based blind SQL injection on https://api.petstuffers.com/v1/auth/login via the username parameter...

Arrives via email
Any time, 24/7

Step 2

Bugtri intercepts the email

Bugtri monitors your connected mailbox via OAuth (Google Workspace or Microsoft 365) and picks up the incoming report within minutes. The original email stays in your inbox - Bugtri reads a copy without modifying or deleting anything.

From: jacob.riggs@pm.me
Subject: SQL Injection in Login...
Body: 1,247 chars extracted
Attachments: None

Step 3

Sensitive data is sanitised

Before the report text reaches any AI, Bugtri scans it and replaces any sensitive data it recognises with safe placeholder tokens. URLs become __URL_1__, IP addresses become __IP_1__, emails become __EMAIL_1__, and domains become __DOMAIN_1__. You control exactly which types are redacted, and can add custom patterns.

Original:
I've identified a SQL injection on https://api.petstuffers.com/v1/auth/login from IP 198.51.100.23. Contact me at jacob.riggs@pm.me

Sent to AI:
I've identified a SQL injection on __URL_1__ from IP __IP_1__. Contact me at __EMAIL_1__

Step 4

AI analyses the clean report

The sanitised text is sent to your chosen AI provider (using your own API key) which extracts structured data: vulnerability type, severity, exploitability, authentication requirements, evidence quality, and scope. The AI produces a severity score, a confidence rating, a triage decision, and a written rationale explaining its reasoning.

AI providers: OpenAI, Anthropic, Gemini
Triage decisions: Auto-Decline, Queue, Fast-Track, Urgent

Step 5

Bugtri assembles the triage email

Bugtri takes the AI's analysis, restores all placeholder tokens back to the original values, and builds a formatted triage summary email. This includes the decision badge, risk score, AI confidence level, key factors, an executive summary - and the full original report appended below.

Triage Summary
Fast-Track | 7.2/10
Time-based blind SQL injection in POST /v1/auth/login via the username parameter, allowing unauthenticated database extraction...
92% confidence | Original report attached

Step 6

Triage arrives in your inbox

The complete triage email is delivered to your shared mailbox from triage@bugtri.com. Your security team sees the decision at a glance, reads the summary, and can immediately act - escalate, investigate, or dismiss. If auto-responses are enabled, the researcher also receives a customisable automated acknowledgement.

Bugtri | BT-2026-0042
Triage Summary
Decision: Fast-Track
SQL Injection in Login Endpoint
From: jacob.riggs@pm.me · Ref: BT-2026-0042
Risk Score: 7.2
CVSS-like: 8.1
AI Confidence: 92% (High)

Executive Summary
Time-based blind SQL injection in POST /v1/auth/login via the username parameter, allowing unauthenticated database extraction.

Original Report
Subject: [Vulnerability Disclosure] SQL Injection in Login Endpoint
From: jacob.riggs@pm.me
Hi Security Team, I've identified a time-based blind SQL injection on https://api.petstuffers.com/v1/auth/login via the username parameter. The response time increases by ~5s when injecting SLEEP(5)...
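
The sanitise step (Step 3) and the restore step (Step 5) can be sketched as follows. This is an added example, not Bugtri's own code: the regexes, the function names sanitise and restore, and the handling of pre-existing or unknown tokens are assumptions made for illustration.

```python
import re

# Simplified patterns (assumptions), applied most specific first so that a
# URL's host or an email's domain is not tokenised a second time.
PATTERNS = [
    ("URL", re.compile(r"https?://[^\s<>\"')]+")),
    ("EMAIL", re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")),
    ("IP", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("DOMAIN", re.compile(r"\b(?:[a-z0-9-]+\.)+(?:com|net|org|io|me)\b", re.I)),
]
TOKEN = re.compile(r"__(?:URL|EMAIL|IP|DOMAIN)_\d+__")

# The "Original" text from Step 3 of the page.
REPORT = ("I've identified a SQL injection on "
          "https://api.petstuffers.com/v1/auth/login from IP 198.51.100.23. "
          "Contact me at jacob.riggs@pm.me")


def sanitise(text):
    """Return (sanitised text, {token: original value})."""
    if TOKEN.search(text):
        # Token-shaped text already in the report would be mis-restored
        # later, so this example refuses it instead of guessing.
        raise ValueError("input already contains placeholder-shaped text")
    mapping, issued = {}, {}
    for kind, rx in PATTERNS:
        def swap(match, kind=kind):
            value = match.group(0)
            if (kind, value) not in issued:  # same value -> same token
                n = sum(1 for k, _ in issued if k == kind) + 1
                issued[(kind, value)] = f"__{kind}_{n}__"
                mapping[issued[(kind, value)]] = value
            return issued[(kind, value)]
        text = rx.sub(swap, text)
    return text, mapping


def restore(text, mapping):
    """Restore issued tokens in one pass; list tokens that were never issued."""
    unknown = []
    def back(match):
        token = match.group(0)
        if token not in mapping:
            unknown.append(token)  # e.g. a token the model made up
            return token
        return mapping[token]
    return TOKEN.sub(back, text), unknown
```

A non-empty unknown list means the AI output referenced a placeholder that was never issued, which is worth surfacing to the reviewer instead of silently leaving the token in the triage email.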

Built for security teams

Everything you need to triage faster - nothing you don't.

Privacy-first sanitisation

Sensitive data (URLs, IPs, emails, domains) is stripped before reaching the AI. You control exactly what's redacted.

Configurable scoring

Tune weights, thresholds, and impact buckets to match your organisation's risk appetite. Choose from presets or go fully custom.

Auto-responses

Automatically acknowledge researchers, decline out-of-scope reports, or escalate urgent findings - with customisable templates.

Dashboard & analytics

Track volume trends, decision breakdowns, AI confidence, and response times. See everything at a glance from your dashboard.

Bring your own AI key

Use your own API key from OpenAI, Anthropic, Google Gemini, or other providers. Your data never trains third-party models.

Data retention controls

Set how long report data is stored. Enable auto-purge. Choose not to store vulnerability details at all after triage.

Ready to automate your triage?

Join the teams already saving hours every week with AI-powered vulnerability report triage.
