Skip to main content
an image of three HackerOne team members working together at their laptop

Frequently Asked Questions

If you have any questions about the code of conduct or any of these rules of engagement, please check the FAQ here. If your questions were not answered, please send them to

I contacted a customer via a forum or chat service that was intentionally created for customers and Hackers to talk, am I violating the Code of Conduct?
The Code of Conduct says "No Intellectual Property theft.” How does HackerOne enforce that?
I’m not sure I understand what Intellectual Property theft is or how that can happen on the platform. Could you provide some examples?
If I am collaborating with another Hacker, and I’m sharing vulnerability/report information in order to work together to identify and escalate vulnerabilities while testing, am I violating the Code of Conduct where it says “Do not disclose vulnerability i
My report has been labeled as Informative or N/A. Can I make the report information public, or do a write-up about it without checking in with the program?
I found a vulnerability that exposes Personally Identifiable Information (PII) or Personal Data, and I’m reporting the vulnerability to the customer, along with adding screenshots and other evidence about it. Am I in violation of the Code of Conduct guide
A Hacker is using abusive language, or engaging in other harassment, outside of the platform (e.g. social media, email, etc). Do you penalize Hackers for this?
I just found a data breach including customer data and credentials. Can I use those credentials to increase my scope and test for new vulnerabilities?
When I file a new report, I tell the Program how much money I want as reward for the vulnerability I’m reporting. Is that Ok?
I am collaborating with another Hacker, and we share report templates and bug information, but we don’t use the “collaboration” feature on HackerOne’s platform. Is this a violation of the Code of Conduct?
What is hate speech?