id: "programs/disclosure"

Disclosure enables you to be transparent about the security vulnerabilities found for your program. HackerOne's disclosure process balances transparency with control over what information is shared with the public.

Programs can choose from 3 disclosure settings:

Disclosure requiring Mutual Agreement | The hacker can request disclosure for any closed report in your program. If your program security team agrees to disclosure, the contents of the report will be made public. If the security team doesn't take any action, the contents of the report will remain private. <br><br>*You must request to opt-in to this option.*

Disclosure Disabled | Disclosure isn't allowed for any report.

Both hackers and program members can request for disclosure. To request for disclosure:

1. Go to the report you want to disclose.

2. Make sure the report is closed.


You can cancel your disclosure request if you later decide to not disclose your report. You can also cancel disclosure requests from hackers asking you for disclosure.

To cancel a disclosure request:

3. Enter a comment explaining why you are canceling the disclosure request.

4. Click **Post**.

If you’re running a private program, you can enable hackers to disclose a report within your private program. Upon disclosure, contents of the report will only be visible to participants in your private program. This enables hackers to share their vulnerability findings with other hackers in the program, and can also increase awareness for other hackers as they can better see what vulnerabilities have already been found for your program.

To enable disclosure for private programs: