Welcome Edit the Doc Site Product Offerings Program Starting Point Private vs Public Programs Parent/Child Programs Password Best Practices Using Markdown General Settings Security Page Program Metrics Response Target Indicators Top Hackers Policy and Scope Good Policies Defining Scope Scope Best Practices Asset Types Severity Environmental Score Bounty Tables Importance of Bounty Tables Submit Report Form Report Templates Pausing Report Submissions Response Targets Response Target Metrics Setting Response Targets Invitations CVE Requests Submission Signal Requirements Human-Augmented Signal Groups and Permissions Single Sign-On via SAML Google Okta OneLogin FAQs Two-Factor Authentication Invalid OTP Code Sessions Credential Management Notifications Response Programs Inbox Inbox Views Report Management Report Actions Report States Quality Reports Locking Reports Duplicate Reports Exporting Reports Response Labels Keyboard Shortcuts Custom Fields Disclosure Limiting Disclosed Information Automation Common Responses Triggers Hackbot Retesting Reducing Noise Supported Integrations Integration Variables API Tokens Assembla Bugzilla Freshdesk GitHub GitLab IBM Resilient Jira Jira Cloud Setup Jira Server Setup Multiple Integrations Jira FAQs Kenna Security MantisBT OTRS Phabricator ServiceNow Slack Redmine Trac Zendesk Billing Bounties Swag Bonuses Dashboards Submissions Dashboard Statistics Dashboard Hacker Feedback Dashboard Response Target Benchmarks Audit Logs Hacktivity Communicating with Hackers Message Hackers Banning Hackers Hacker Email Alias Hacker Mediation Hacker Reviews Disclosure Assistance Advanced Vetting Gateway FAQs Email Forwarding Embedded Submission Form Slack Shared Channels Response Target Benchmarks
Response Target Benchmarks enable you to compare your response times to those of other programs. This will help you see what areas you need to focus on to improve your program. You can specify the kinds of programs you want to compare your program to by selecting different program requirements and creating benchmarks.
Note: This feature is currently only available for Enterprise programs.
To access your response targets dashboard:
Program Dashboard > Response Targets. Select the appropriate variables for these fields:
What you want to measure.
You can choose from: Median time to resolution Median time to triage Median time to bounty Median time to first response Missed resolution targets Missed triage targets Missed bounty targets Missed first response targets Note: Median is the midpoint of your dataset. We're using the median rather than the average as it prevents your data from being skewed by one-off instances. Note: Missed is calculated by the number of reports that were longer than the targets you set for yourself.
The rating of how severe a vulnerability is.
You can choose from: All severities No severity Critical High Medium Low None
The date you want to start measuring from.
The date you want to stop measuring from.
How you want to view your data.
You can choose from: Week Month Quarter Year
You can filter your metrics by custom fields, assets and/or weakness.
A filter you can create of different program characteristics that you want to compare your program to.
Each benchmark is an aggregate measure of data of other programs on HackerOne. All data is anonymous so that no program's data will be exposed.
You'll be able to view how your response target compares to the metric that you choose to measure with.