Accessibility

HackerOne Platform Accessibility Conformance Report Revised Section 508 Edition

Updated over a week ago

VPAT®1 Version 2.4 – February 2020

Name of Product/Version: HackerOne Bug Bounty & Vulnerability Disclosure Platform ("HackerOne Platform")

Report Date: September 16, 2020

Product Description: The HackerOne Platform is a platform for an improved security coordination process. Security teams use HackerOne to implement their vulnerability disclosure policy and host bug bounty programs. The platform will communicate the procedures of how to discover and report security vulnerabilities in accordance with industry best practices.

Evaluation Methods Used: Accessibility testing consisted of but was not limited to: automated testing, extensive manual testing, general product knowledge, etc.

Applicable Standards/Guidelines: See below.

This report covers the degree of conformance for the following accessibility standard/guidelines:

Terms

The terms used in the Conformance Level information are defined as follows:

  • Supports: The functionality of the product has at least one method that meets the criterion without known defects or meets with equivalent facilitation.

  • Partially Supports: Some functionality of the product does not meet the criterion.

  • Does Not Support: The majority of product functionality does not meet the criterion.

  • Not Applicable: The criterion is not relevant to the product.

  • Not Evaluated: The product has not been evaluated against the criterion. This can be used only in WCAG 2.0 Level AAA.

WCAG 2.0 Report

Tables 1 and 2 also document conformance with Revised Section 508:

  • Chapter 5 – 501.1 Scope, 504.2 Content Creation or Editing

  • Chapter 6 – 602.3 Electronic Support Documentation

Note: When reporting on conformance with the WCAG 2.0 Success Criteria, they are scoped for full pages, complete processes, and accessibility-supported ways of using technology as documented in the WCAG 2.0 Conformance Requirements.

Table 1: Success Criteria, Level A

Criteria

Conformance Level

Remarks and Explanations

1.1.1 Non-text Content (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: The HackerOne Platform has no known accessibility issues. Non-text content provides discernible/accessible labels and name markup.

1.2.1 Audio-only and Video-only (Prerecorded) (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Not Applicable

Web: There is no content to which success criterion applies. Audio and video media are not used.

1.2.2 Captions (Prerecorded) (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Not Applicable

Web: The HackerOne Platform has no prerecorded audio content in synchronized media, except when the media is a media alternative for text and is clearly labeled as such.

1.2.3 Audio Description or Media Alternative (Prerecorded) (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: There is no content to which success criterion applies. Audio and video media are not used.

1.3.1 Info and Relationships (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Semantic mark-up (e.g. landmarks, headings, labels) are provided.

1.3.2 Meaningful Sequence (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Pages follow a logical reading sequence.

1.3.3 Sensory Characteristics (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Descriptive mark-up (e.g. button text, tool-tips, alt tags) are provided.

1.4.1 Use of Color (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: The HackerOne Platform does not use color anywhere as the sole indicator of functionality.

1.4.2 Audio Control (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: There is no content to which success criterion applies. Audio media is not used.

2.1.1 Keyboard (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Partially Supports

Web: Most forms support keyboard shortcuts though some functionality requires a pointer.

2.1.2 No Keyboard Trap (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. User focus can be moved away from any component using keyboard tab keys.

2.2.1 Timing Adjustable (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Partially supports

Web: There are some newer features within the pentest component that require a user to submit content within a time limit. This is not adjustable by the user.

2.2.2 Pause, Stop, Hide (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Pages do not have any moving, blinking, scrolling, or auto-updating information.

2.3.1 Three Flashes or Below Threshold (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Pages do not include any flashing elements. Thank goodness we're out of the 90s!

2.4.1 Bypass Blocks (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software) – Does not apply to non-web software

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs) – Does not apply to non-web docs

Web: Supports

Web: The HackerOne Platform does not have any repetitive content where a skip or bypass functionality would be necessary.

2.4.2 Page Titled (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Pages are labeled with descriptive titles.

2.4.3 Focus Order (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Page elements follow a logical focus order.

2.4.4 Link Purpose (In Context) (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Page links are labeled with descriptive text.

3.1.1 Language of Page (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Page markup indicates English for default language.

3.2.1 On Focus (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Context does not change on page element focus.

3.2.2 On Input (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Page context does not change on user input.

3.3.1 Error Identification (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. When applicable, form pages provide error condition messaging text.

3.3.2 Labels or Instructions (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. When applicable, web form pages provide self-describing labels and/or instructional text.

4.1.1 Parsing (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Elements are nested according to their specifications, elements do not contain duplicate attributes, and any IDs are unique, except where the specifications allow these features.

4.1.2 Name, Role, Value (Level A)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Partially Supports

Web: Name and value attributes on elements in most cases is discernible; role is sometimes absent.

Table 2: Success Criteria, Level AA

Criteria

Conformance Level

Remarks and Explanations

1.2.4 Captions (Live) (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Not Applicable

Web: There is no content to which success criterion applies. Live audio content is not used.

1.2.5 Audio Description (Prerecorded) (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Not Applicable

Web: There is no content to which success criterion applies. Prerecorded video content is not used.

1.4.3 Contrast (Minimum) (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Contrast minimums are supported.

1.4.4 Resize Text (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Partially Supports

Web: No known accessibility issues. 200% zoom factor is supported and on most pages looks proper.

1.4.5 Images of Text (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues.

2.4.5 Multiple Ways (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software) – Does not apply to non-web software

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs) – Does not apply to non-web docs

Web: Partially Supports

Web: In most cases there is more than one route to any given page.

2.4.6 Headings and Labels (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Descriptive heading and label markup is provided.

2.4.7 Focus Visible (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Focus indicator is natively provided via major browser software vendors.

3.1.2 Language of Parts (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. Page markup indicates English for default language.

3.2.3 Consistent Navigation (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software) – Does not apply to non-web software

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs) – Does not apply to non-web docs

Web: Supports

Web: No known accessibility issues. Consistent page-to-page navigation is provided via our top nav.

3.2.4 Consistent Identification (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software) – Does not apply to non-web software

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs) – Does not apply to non-web docs

Web: Supports

Web: No known accessibility issues. Consistent identification applied to components across pages.

3.3.3 Error Suggestion (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: No known accessibility issues. When applicable, form pages provide error suggestion text.

3.3.4 Error Prevention (Legal, Financial, Data) (Level AA)
Also applies to:
Revised Section 508

  • 501 (Web)(Software)

  • 504.2 (Authoring Tool)

  • 602.3 (Support Docs)

Web: Supports

Web: These actions are either checked or confirmed.

Table 3: Success Criteria, Level AAA

Notes: Section removed, as it does not apply to Revised Section 508

Revised Section 508 Report

Notes:

Notes:

Criteria

Conformance Level

Remarks and Explanations

302.1 Without Vision

Supports

Accessible mark-up utilized for screen readers.

302.2 With Limited Vision

Supports

Accessible mark-up utilized for screen readers.

302.3 Without Perception of Color

Supports

No input depends on perception of color.

302.4 Without Hearing

Supports

No dependency on sound.

302.5 With Limited Hearing

Supports

No dependency on sound.

302.6 Without Speech

Supports

No dependency on sound.

302.7 With Limited Manipulation

Supports

No place to input speech.

302.8 With Limited Reach and Strength

Supports

Screen reader support, mouse, and keyboard only operation are provided.

302.9 With Limited Language, Cognitive, and Learning Abilities

Supports

Simple design, ease of use in mind.

Chapter 4: Hardware

Notes: Section removed. Not applicable. The HackerOne Platform is a web-only application.

Chapter 5: Software

Notes: Section removed. Not applicable. The HackerOne Platform is a web-only application.

Notes: Section removed. Not applicable. The HackerOne Platform is a web-only application.

Legal Disclaimer

This document is provided for information purposes only and the contents hereof are subject to change without notice. HackerOne does not warrant that this document is error free, nor does it provide any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. HackerOne specifically disclaims any liability with respect to this document and no contractual obligations are formed either directly or indirectly by this document. HackerOne further makes no representation concerning the ability of assistive technologies or other products to interoperate with HackerOne products.


  1. "Voluntary Product Accessibility Template" and "VPAT" are registered service marks of the Information Technology Industry Council (ITI).

Did this answer your question?