HackerOne on Your Program

Understand who is interacting with your reports

Updated over a week ago

HackerOne is proud to have employees based throughout the world. As our company grows, we want to ensure that our customers and hackers understand who is interacting with their reports.

While your reports go through the motions of report validation, you may see various members of the HackerOne team actively view, comment, or make changes to a report. We want to ensure that you know who is reviewing your vulnerability information and have thus committed to increased clarity and transparency about who is present on a report belonging to your program.

The following prefixes belong to members of the HackerOne team and their respective functions. Keep in mind that Customer Success Managers (CSM) are not using these prefixes at this time.




A member of the HackerOne Triage team


A member of the HackerOne Mediation Team


A member of the HackerOne Support Team


A member of the HackerOne Technical Support Team

Note: These prefixes are locked and restricted to HackerOne employees only, meaning that hackers cannot claim these prefixes as their own.

Triagers can also request instructions for how to handle reports on assets not listed in your scope. Learn more about Triage Scope Instructions here.

Please reach out to your Customer Success Manager or Support if you have any questions or concerns.

HackerOne users cannot use h1 at the beginning of handles; this includes usernames and program handles. API tokens can use the h1 prefix.

Did this answer your question?