Intro
As security audits scale, teams need better visibility, faster workflows, and tighter control. Judges need to manage high-signal competitions with confidence. Triagers need a complete view of bounty activity. Clients need tools to collaborate clearly without operational delays.
This latest set of updates improves how findings are triaged, filtered, categorized, and resolved. Whether you’re reviewing submissions in a competition, managing a bounty, or supporting a collaborative review, these upgrades are designed to eliminate ambiguity and increase execution speed.
Advanced Filtering Support
The findings list now supports more powerful filtering logic, including:
- Negated filters (for example, show findings without the label “Fixed”)
- Combinations of inclusive and exclusive filters across types (for example, Status is Confirmed and Label is not Severity Disagree)
- Saved filter sets for reuse across sessions
- A persistent search string format similar to GitHub for more advanced users
These updates allow triagers, clients, and judges to segment findings with greater precision. Filter usage and save/load behavior are also now tracked for future improvements.
Centralized Triage Dashboard
We have built a new internal bounty triaging command center that allows our triagers to quickly respond and keep track of bounty submissions.
This helps us maintain industry-leading response time to bounty submissions, better shield our customers from low quality submissions and react quickly to real issues.
Automatic Duplicate Resolution at Judging
Dealing with large volumes of submissions in competitions is a huge undertaking for Cantina Judges. We all want competitions to be judged quickly - for both our customers and researchers.
For almost a year we have developed and utilised AI duplicate detection to help judges group duplicate findings together.
Our latest updates now make duplicate detection even faster, meaning quicker judging and faster results for everyone.
Improved Comment Tracking and Sorting
We have made several improvements to how comment activity is surfaced across the platform.
- Sort the findings list by most recent comment in ascending or descending order
- Bold styling and background contrast now indicate unread comment activity
- A new filter allows users to display only findings with unread comments
- Comments are marked as read once they are viewed in a focused browser tab
These updates make it easier to stay on top of conversations and reduce the risk of missing follow-ups, particularly during active review periods.
Review Progress Component for Bounties
We have dramatically simplified our bounty user experience for our customers, making it much easier and faster to make decisions on submissions and understand exactly where each submission is in the bounty workflow.
You now have two simple options to reject or confirm a submission and can easily provide reasoning or set payment amounts in the same process.
Expanded Label Management Permissions
Label creation and management are now available to more roles across review types.
- Judges and clients can now create and apply labels during competitions
- Triagers can manage labels in bounty contexts
- Clients and researchers can use labels during collaborative reviews
Researchers retain read-only access to labels in competitions and bounties. This update ensures that trusted roles have the flexibility to tag findings with the context they need, without waiting on admin changes.
New Notification Settings
Notifications are now more flexible with multiple frequency options. Instead of only receiving a 3-hour digest, you can choose instant notifications for real-time updates or a daily digest for a single consolidated summary. Fine-grained controls allow you to set preferences at the repository level, giving you more control over when and how updates reach you.
Improved Email Design
We’ve also redesigned notification emails to be clearer and easier to scan. Important updates such as new finding submissions are now sent in their own dedicated emails when instant notifications are enabled. This ensures they won’t be batched together or hidden by your email client, so you’ll never miss a critical update.
What’s Next
These features are built to improve clarity, speed, and control across Cantina’s core workflows. They reflect feedback from judges, triagers, clients, and researchers who rely on the platform to run fast, high-integrity reviews.
Have feedback or ideas? Let us know on X or submit feature requests through our product portal.
Want to see it live? Book a demo and get a tailored walkthrough of how Cantina supports end-to-end security reviews at scale.