Skip to main content
Security teams deal with a constant stream of findings from scanners, pentest reports, CVE advisories, and bug bounty submissions. Most of it is noise. Vuln triage cuts through it by validating each finding against your actual environment and ranking what matters by true exploitability and blast radius, so your team works the findings that are real, not the ones that just look alarming. Click Vuln triage from the Neo home screen to open the workflow form.

Provide the report

1

Paste or attach your vulnerability report

Paste the raw report content directly into the text field: scan output, a CVE list, pentest findings, or any other format. Neo reads it as-is; you don’t need to clean it up or reformat it first.Alternatively, attach a report file using the file upload below the text field.
2

Add credentials (optional)

Select credentials to enable authenticated testing. Without them, Neo can only validate findings against unauthenticated surfaces; anything behind a login will be out of reach.If you haven’t added credentials yet, go to Settings → Secrets to create them before starting.
Click Start triage when ready. When the triage completes, ask Neo to explain the reasoning behind any severity rating, dig into a specific finding, or validate something the report flagged that didn’t make the cut. If you’re triaging bug bounty reports from HackerOne, Neo can connect directly to your HackerOne program and pull reports automatically. See the HackerOne integration guide to set it up.