Help Center

Affects to Hacker Reputation

Reputation is based exclusively on your track record as a hacker. A Hacker profile starts with a reputation score of 100. Reports gain or lose reputation based on the state in which they are closed:

Reputation Points State
+7 Resolved
0 Informative
-5 Not Applicable
-10 Spam
+2 Duplicate of a resolved report submitted prior to the report being made public
0 The original report is resolved before the duplicate report was filed
-5 Duplicate of a resolved report submitted after the report is made public
-5 Duplicate of a N/A report

Duplicates of your own reports don't influence your reputation. This enables programs to close multiple reports that have the same root cause as duplicates without affecting a hacker's reputation.

Bounty Affect to Reputation

The rewarded bounty amount impacts your reputation. Different bounty amounts grant you reputation based on the standard deviation from the program's mean bounty amount. Here's the breakdown for how many reputation points you can gain depending on your bounty:

Reputation Points Details
+50

Known as BOUNTY_SEVERE.

Received when Bounty Amount ≥ mean + 1 standard deviation

+25

Known as BOUNTY_HIGH.

Received when Bounty Amount > mean

+15

Known as BOUNTY_MEDIUM.

Received when Bounty Amount ≥ mean - 1 standard deviation

+10

Known as BOUNTY_LOW.

Received when Bounty Amount < mean - 1 standard deviation

Note: Keep in mind that the first 10 bounties of a program will be rewarded the BOUNTY_MEDIUM reputation points. After 10 bounty bounties have been paid out, hackers will gain reputation through bounty according to the point system above.

There are a number of privileges that are gained by maintaining a high reputation, such as becoming eligible to receive access to private programs. On the flip side, should your reputation decrease, the system will gradually reduce the number of submissions allowed in a given time period. We believe it is critical to this community that Security teams be afforded a high-signal environment so that they can focus on providing quality responses to hackers who turn in the best vulnerabilities. As a hacker submitting vulnerabilities through the HackerOne platform, your reputation measures how likely your finding is to be immediately relevant and actionable. For more details, check out this blog post.

 

Have more questions? Submit a request
Powered by Zendesk