Skip to main content

Security@ 2022: Achieve Attack Resistance

Get your complimentary pass to Security@ 2022 with promo code VIPCOMP

October 12-13, San Diego | October 13, London

Register today

 

an image of three HackerOne team members working together at their laptop

Live Hacking Rules of Engagement

When we get together, awesome things happen because of the creativity, collaboration, and idea exchange you bring to the event. That is what makes events special!

This is a guide to ensure that this positive environment thrives at this event and everyone has an amazing time. "Together We Hit Harder" is more than a catch phrase, it means that collectively it's up to all of us to provide a welcoming and respectful community for everyone. Thank you for helping to make this a welcoming, friendly space for all!

Respect Confidentiality, Disclosure Guidelines and NDAs
Only Use Approved Communication Channels
Be Professional
Follow Local Laws
Respect Live Hacking Event’s Special Rewards and Rules
General Provisions
Definitions

Investigation and Enforcement

If a complaint is received from a customer, team member, another Finder, or if HackerOne observes something that appears to violate the Code of Conduct and/or these RoEs, HackerOne will in all cases:

  • Assume good intent: HackerOne trusts that hackers will want to do the right thing
  • Investigate fully so HackerOne understands what did (and did not) happen. HackerOne will speak to all parties involved, where appropriate, and attempt to provide a neutral viewpoint.
  • Repercussions: If HackerOne determines the Finder has violated the Code of Conduct and/or these RoEs, there will be disciplinary actions depending on the severity and HackerOne’s assessment of intent. Repercussions could include, depending on severity, temporary bans and permanent bans from the event, future live hacking events and/or the platform.

In general, HackerOne will seek to enforce these rules of engagement in accordance with the action guidelines below.

IncidentFirst OffenseEscalated OffenseFurther Escalated Offense
Not Adhering to Live Event's Communication ChannelsSpecific Event Program Ban (1 - all Events)Live Events Temporary Ban (1 - 3 Events)Live Events Permanent Ban
Unprofessional Behavior: Exploiting Live Events Special Rewards and RulesSpecific Event Program BanLive Events Temporary Ban (1 - 3 Events)Live Events Permanent Ban
Inappropriate Interactions with Client's Security TeamSpecific Event Program BanLive Events Temporary Ban (1 - 3 Events)Live Events Permanent Ban
Abusive Language & HarassmentLive Events Temporary Ban (Time varies based on severity)Live Events Temporary Ban (Time varies based on severity)Live Events Permanent Ban
Breaking the Live Hacking Event's Confidentiality GuidelinesLive Events Temporary Ban (1 - 3 Events)Live Events Permanent Ban 
Violating NDALive Events Permanent Ban  
Not complying with regions local lawsLive Events Permanent Ban  
Extortion and BlackmailLive Events Permanent Ban  
Unauthorized Impersonation / Social EngineeringLive Events Permanent Ban  

Please note, however, that HackerOne reserves the right to escalate the severity of enforcement and sanctions in accordance with the nature of the offense and irrespective of previous offenses. Depending upon the severity of the offense, sanctions may include, without limitation, longer temporary bans, immediate removal from HackerOne Clear and HackerOne Clear Programs and/or a permanent ban from the HackerOne Platform.