Program settings

Updated over 3 weeks ago

Program settings let you control how your program is discovered, who can participate, and what researchers can see once they have access. Using these settings consistently helps you manage submission volume, researcher expectations, and program security.

Manage settings

⚙️Roles: Company Admin, Program Admin

You can manage your program settings by opening your program and going to More > Settings.

Program confidentiality

Program confidentiality defines who can discover your program and who is allowed to participate. Choosing the right confidentiality level helps you control visibility, manage risk, and gradually scale researcher access as your program matures.

Learn more about program confidentiality levels (Invite Only, Application, Registered, Public).

Program status

The program lifecycle reflects the different stages a program goes through on the Intigriti platform, from initial setup to final closure.

Learn more about program states (Wizard, Draft, Open, Suspended, Closing, Closed) here.

Identity checked only

When ID-checking is enabled, only researchers who have completed the ID verification process can participate in your program.

⚠️Beware: The ID check requirement is not compatible with public programs. When ID-checking is enabled, you cannot change the program confidentiality level to Public. Likewise, if a program is already Public, the ID-checking requirement cannot be enabled.

Not all researchers on the platform are ID-checked. Keep in mind that all researchers who wish to receive a payout must complete ID checking, regardless of this setting. Enabling ID-checking at program level helps ensure that only verified researchers can submit findings from the start.

Area specific restrictions - EEA

The area restriction for EEA residents is a program setting that limits participation to researchers who are ID-checked and indicate they reside within the European Economic Area. This setting acts as an additional safeguard on top of the ID-check requirement.

Once enabled, the program is visible only to researchers who meet both requirements. Researchers who are not ID-checked or who do not state EEA residency cannot find the program anywhere on the platform.

When inviting researchers, an EEA residents only filter is automatically applied. This hides all researchers who do not meet the EEA requirement. The restriction can be overridden at invite level, allowing administrators to invite non-EEA researchers after a double confirmation. Use this option carefully, as it bypasses the area restriction for individual invites.

Enforce two-factor authentication

Enforcing two-factor authentication adds an extra layer of security and confidentiality to your program by allowing access only to researchers who use 2FA when logging in.

When enabled, only researchers with 2FA configured can fully access your program. Researchers without 2FA can view only the program description and bounty table and cannot access the full program details. You cannot invite researchers who do not have 2FA enabled.

If you enable this setting on an ongoing program, researchers who previously had access will regain full access as soon as they enable 2FA on their account.

💡Note: This setting is recommended for programs with higher sensitivity or stricter security requirements.

Terms & conditions

By default, all researchers must adhere to Intigriti’s standard Terms and Conditions and Code of Conduct. These apply automatically to every program and generally cover the needs of most organizations.

If required, you can enforce additional custom terms and conditions. This is typically driven by legal requirements. The text for the additional terms is defined in the Admin section of the platform and can then be enabled per program. This allows you to apply extra terms to some programs while leaving others unchanged.

Once enabled, only researchers who have accepted your custom terms and conditions can access your program. Researchers who have not yet accepted them cannot see any program details.

💡Note: Additional terms introduce extra barriers to participation. In most cases, keeping only the standard Terms and Conditions and Code of Conduct helps maximize researcher engagement.

Researcher collaboration

Researcher collaboration allows researchers to work together on submissions and split the bounty. Allowing collaboration can lead to higher-quality findings by combining different skill sets.

💡Note: It's recommended to allow collaboration unless your reward structure cannot easily be split between multiple contributors.

Program listing

The program listing setting allows you to further control the visibility of a public program by deciding whether it should appear across the platform and public website, or remain accessible only through its direct program URL.

Learn more about unlisted programs.


Statistics visibility

Statistics visibility controls whether the total payout, the average payout, and the number of submissions created and accepted are shown to researchers on your program details page.

Leaderboard confidentiality settings

Leaderboard confidentiality settings control who can see individual researcher reputation points. The leaderboard itself is visible to researchers who can access the program, but this setting determines whether the actual reputation points are visible to everyone, the circle of trust (participating researchers) or nobody.

💡Note: Hiding leaderboard reputation points can help prevent researchers from estimating how much others may have been rewarded. This is especially useful shortly after launching a program.

Best practices

  • Choose a confidentiality level that matches your program maturity. Start with Invite Only or Application to control early access, then expand visibility as your scope, processes, and remediation capacity mature.

  • Use ID checking and EEA restrictions thoughtfully. These settings increase trust and compliance but also reduce the available researcher pool, which can impact submission volume.

  • Enforce 2FA for sensitive scopes. Programs with production data, high business impact, or strict security requirements benefit most from requiring two-factor authentication.

  • Avoid adding custom terms unless legally required. Additional terms increase friction and can reduce researcher participation and submission quality.

  • Enable researcher collaboration whenever possible. Allowing researchers to collaborate often leads to higher-quality reports and faster discovery of complex vulnerabilities.

  • Review visibility settings before launch. Leaderboard visibility, statistics visibility, and unlisting options can influence researcher behavior and expectations, especially during the first weeks of a program.
