Everything you need to run a VDP or bug bounty

From first report to final fix — one platform.

AI Triage & Action Plans

Intake reads every report before you do — extracting affected systems, assessing severity, checking for duplicates, and drafting a response. Spam and out-of-scope submissions get flagged automatically. You just review the plan and hit approve.

AI Approval Queue

Nothing happens without your say-so. Every AI decision — severity rating, response draft, triage recommendation — lands in your approval queue. Review one at a time or approve in bulk. Override when the AI gets it wrong. You’re in control, just without the busywork.

Smart Duplicate Detection

Every new submission is checked against your entire history automatically. Same vulnerability described three different ways? Caught. No more searching through old tickets.

Researcher Communication

Ready-to-send templates for every stage, or let the AI draft a response based on the report context. Researchers get status updates automatically — no more copy-pasting acknowledgment emails or forgetting to close the loop.

Program Management

Define your scope, set your policy, publish a branded program page. Manage multiple programs from one dashboard instead of juggling spreadsheets and wiki pages.

Team Collaboration

Assign reports to the right person, leave internal notes, control who sees what with role-based access. No more "did anyone look at this?" in Slack.

Inbound Email Processing

Researchers email security@, reply to old threads, skip the form entirely. Intake catches it all — parses the email, extracts attachments, and creates a structured report in your queue automatically.

Common Questions

Does AI make decisions without human approval?: No. Every AI decision — severity ratings, response drafts, triage recommendations — goes through your approval queue first. You can review individually or approve in bulk, and override the AI whenever it gets something wrong. You're always in control.
How does duplicate detection work?: Intake checks every new submission against your entire report history using both text-based matching and AI-enhanced similarity analysis. It catches the same vulnerability described in different ways, flagging potential duplicates before they reach your review queue.
Can researchers submit reports via email?: Yes. Intake processes inbound emails to your security address, parses the content, extracts attachments, and creates structured reports in your queue automatically. Researchers can also submit through your branded web portal.
What integrations does Intake support?: Intake integrates with Slack for real-time notifications, Jira for ticket management, and supports webhooks and a REST API for custom workflows. Integrations are available on Starter (Slack) and Pro (Jira, API, webhooks) plans.

Ready to launch your program?

Get Started Free

Common Questions

Does AI make decisions without human approval?

No. Every AI decision — severity ratings, response drafts, triage recommendations — goes through your approval queue first. You can review individually or approve in bulk, and override the AI whenever it gets something wrong. You're always in control.

How does duplicate detection work?

Intake checks every new submission against your entire report history using both text-based matching and AI-enhanced similarity analysis. It catches the same vulnerability described in different ways, flagging potential duplicates before they reach your review queue.

Can researchers submit reports via email?

Yes. Intake processes inbound emails to your security address, parses the content, extracts attachments, and creates structured reports in your queue automatically. Researchers can also submit through your branded web portal.

What integrations does Intake support?

Intake integrates with Slack for real-time notifications, Jira for ticket management, and supports webhooks and a REST API for custom workflows. Integrations are available on Starter (Slack) and Pro (Jira, API, webhooks) plans.