You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/changelog/2021/february.md
+5Lines changed: 5 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -16,3 +16,8 @@ Programs can now set up [multiple integrations](/programs/supported-integrations
16
16
We've updated the reference ID field for adding integrations with a new **Add reference to issue tracker** button to more clearly guide users with adding a reference to their integrated issue tracker.
17
17
18
18
19
+
20
+
### Filter Programs by Bounty Splitting
21
+
You can now see which programs enable you to collaborate with other hackers in submitting vulnerabilities with the new *Bounty splitting* filter and label in the [Directory](https://hackerone.com/directory/programs).
22
+
23
+
Copy file name to clipboardExpand all lines: docs/hackers/directory.md
+17-14Lines changed: 17 additions & 14 deletions
Original file line number
Diff line number
Diff line change
@@ -15,7 +15,7 @@ id: "hackers/directory"
15
15
16
16
The Directory is a community-curated resource that helps hackers identify the best way to contact an organization's security team. This guides hackers with reporting potential vulnerabilities directly to the organizations that can resolve them. The Directory is comprised of a list of various organizations that both use and don't use HackerOne. It documents the existence of an organization's vulnerability disclosure policy and any associated bug bounty programs.
The Directory provides relevant information for both hackers and programs.
@@ -25,7 +25,7 @@ The Directory enables Hackers to:
25
25
* Add security team contact information for an organization so that other hackers know where to submit vulnerabilities (See [Create a Directory Page](/hackers/create-a-directory-page.html))
26
26
* As the directory is community-curated, hackers who maintain sufficient reputation have edit rights and can update information about an organization. If you don’t have edit rights, you can reach a moderator at [email protected] with any changes.
27
27
* Find programs they're interested to hack on
28
-
* Bookmark your favorite programs
28
+
* Bookmark their favorite programs
29
29
* View and compare statistics of various programs
30
30
31
31
><i>Note: If an organization hasn't published security contact information anywhere, HackerOne recommends considering assistance from the [local CERT](https://www.first.org/members/teams/).</i>
@@ -37,26 +37,29 @@ The Directory enables programs to:
37
37
### What's on the Directory
38
38
You can find this information associated with an organization on the directory:
39
39
40
-
Option | Detail
40
+
Information | Details
41
41
------ | ------
42
-
Launch Date | The date the program started to accept vulnerabilities.
43
-
Bugs Resolved | The total number of vulnerabilities the organization has resolved. If the field is marked with a `-` this means that there are no resolved reports, or the program chose not to display this information on their metric display settings.
44
-
Response Efficiency | The percentage of reports that are responded to on time within the last 90 days.
45
-
Bounties Minimum | The minimum bounty that will be given for a valid vulnerability. If the field is marked with a `-` this means that there is no minimum bounty, or the program chose not to display this information on their metric display settings.
46
-
Bounties Average | The average bounty that is given for a valid vulnerability in a program. If the field is marked with a `-` this means that there is no average bounty, or the program chose not to display this information on their metric display settings.
42
+
Launch date | The date the program started to accept vulnerabilities.
43
+
Reports resolved | The total number of vulnerabilities the organization has resolved. If the field is marked with a `-` this means that there are no resolved reports, or the program chose not to display this information on their metric display settings.
44
+
Bounties minimum | The minimum bounty that will be given for a valid vulnerability. If the field is marked with a `-` this means that there is no minimum bounty, or the program chose not to display this information on their metric display settings.
45
+
Bounties average | The average bounty that is given for a valid vulnerability in a program. If the field is marked with a `-` this means that there is no average bounty, or the program chose not to display this information on their metric display settings.
47
46
Star Icon<br> | Bookmark your favorite programs by clicking on the icon. A list of your bookmarked programs will show on your [Hacker Dashboard](/hackers/hacker-dashboard.html) under the **Bookmarked Programs** tab.
48
-
Managed Icon<br> | Programs managed by HackerOne. These programs are more likely to respond quickly to your report and there's a higher likelihood of being successful on these programs because it's managed by the HackerOne triage team.
49
-
Not Accepting Submissions Icon<br> | A program that isn’t accepting any report submissions on HackerOne.
47
+
Managed label<br> | Shows that the program is managed by HackerOne. These programs are more likely to respond quickly to your report and there's a higher likelihood of being successful on these programs because it's managed by the HackerOne triage team.
48
+
Not Accepting Submissions label<br> | Shows that the program isn’t currently accepting any report submissions on HackerOne.
49
+
Bounty splitting label| Shows that the program enables hackers to collaborate with others and split their bounty in finding and submitting a vulnerability.
50
+
Retesting label | Shows that the program participates in [retesting](/hackers/retesting.html).
50
51
51
52
### Directory Filters
52
53
You can filter your list of programs by both program features and by asset type.
53
54
54
55
The program features you can filter include:
55
56
56
-
Option | Detail
57
+
Filter | Details
57
58
------ | ------
58
59
IBB | Indicates Internet Bug Bounty - a bug bounty program for core internet infrastructure and free open source software. These programs are managed by a panel of volunteers selected from the security community. Learn more [here](https://www.hackerone.com/internet-bug-bounty).
59
60
Offers bounties | Programs that offer bounties as rewards for finding vulnerabilities.
60
-
Invite-only | Programs that only allow you to submit vulnerabilities through an invitation.
61
-
High response efficiency | Programs that have a [response efficiency](/programs/response-target-indicators.html) of at least 80%.
62
-
Managed | Programs managed by HackerOne. These programs are more likely to respond quickly to your report and there's a higher likelihood of being successful on these programs because it's managed by the HackerOne triage team.
61
+
High response efficiency | Programs that meet their [response target metrics](/programs/response-target-metrics.html) at least 80% of the time.
62
+
Managed by HackerOne| Programs managed by HackerOne. These programs are more likely to respond quickly to your report and there's a higher likelihood of being successful on these programs because it's managed by the HackerOne triage team.
63
+
Offers retesting | Programs that can request hackers to [retest](/hackers/retesting.html) vulnerabilities.
64
+
Active Program | Programs that are currently accepting report submissions.
65
+
Bounty spitting | Programs that enable hackers to collaborate with others in submitting a vulnerability.
0 commit comments