Program Manager Guide

Learn how to set up and manage your bug bounty program on Bugbop.

Getting Started as a Program Manager

Welcome to Bugbop! As a program manager, you'll be setting up and managing your organization's bug bounty program. This guide will walk you through the essential steps to get started.

Step 1: Creating Your Program

To create a new Bug Bounty Program:

  1. Navigate to the "Dashboard"
  2. Click "Create Program"
  3. Fill in your program details:
    • Website URL: Your website. It may not be the site you're running the Program for.
    • Name: A name for your program. Typically "MyCompany Bug Bounty Program"
    • Description & Scope: This is the main part of your program. Setting up your first program is difficult.
      Please review Comprehensive Guide and Example Template or book a call with us and we'll help you.
    • Bounty Settings: Either 'None', 'Cash', or 'Swag/Credit'. Please review our guide Reward Structure Guide for suggested cash amounts.
    • Rewards: What rewards you'll offer for valid findings
  4. Add your Logo
  5. Click "Create Program"

Step 2: Setting Up Your Team

Invite team members to help manage your program via the "Settings" dropdown -> "Invite User" or the "Users" tab:

  1. Go to program settings > "Team"
  2. Click "Invite Team Member"
  3. Enter email address and select role:
    • Admin: Full program management capabilities
    • Triager: Can review, validate and process reports
    • Viewer: Read-only access to reports. Typically used for stakeholders and auditors.

You can also invite Bug Hunters via the "Settings" dropdown -> "Invite Bug Hunter" or the "Bug Hunters" tab.
Bug Hunters can submit bugs to your program. If you've worked with good bug hunters before, add them here.

Step 3: Launch your Program

Once you're happy with your program, it's time to launch:

  1. Firstly, you'll need to be on a paid plan if you want to show your
  2. Email Templates: Customize notification emails
  3. Automated Responses: Set up auto-replies for common scenarios
  4. Access Agreement: Create terms for accessing your program

Step 5: Setting Up Webhooks (optional)

Connect Bugbop to your internal systems via the "Settings" dropdown -> "Webhooks"

Please review our Webhook Documentation for more details

Next Steps

After setting up your program:

  • Review the reporting workflow to understand how reports will be processed
  • Consider setting up integrations with your development tools
  • Establish internal processes for handling valid vulnerabilities
  • Create templates for communicating with bug hunters
  • Monitor program metrics to track performance over time