Starter
Series A SaaS — self-hosted program
Pattern
Public security@ inbox, ~15 reports a month, half are scanner noise. AppSec is one engineer who used to do this on Friday afternoons. Wants Friday afternoons back.
Outcome
We take the inbox. Their AppSec engineer reviews our weekly summary, signs off on bounties, and ships fixes. Net time spent on triage drops from ~6 hours/week to ~30 minutes.