Under the multi-tier program management model, the “program” becomes a container abstraction for multiple engagements that inherit attributes from the program. This means a customer can now share submissions, roles, assets, and integrations across pen tests, bug bounty programs, and VDPs inside the same program–as well as get valuable insights about trends and opportunities from data analytics and reports generated across that program. Bugcrowd Penetration Testing as a Service is the first solution type to support this new approach to organizing security programs at scale, with Managed Bug Bounty and VDP to follow.