GET UP TO
5000 BGN PER
BUG

In today’s ever more complex software stacks, many companies are turning to the wider information security community in order to hunt down, research and better understand the threat landscape. At Tradeo, the security of our clients and their funds are of utmost importance, and as a result, we have started our very own bug bounty program.

Rules

  • Do not publically disclose a bug before we are able to fix it
  • Do not use scanners or automatic tools to find the vulnerabilities. We have those too, and we will correlate your IP address from our logs
  • The bounty only applies to properties under the The Bounty
  • Do not attempt non-technical attacks, such as phishing, physical attacks on our office grounds or employees
  • Do not gain, extract or manipulate other user’s data
  • Do not attempt any DDoS or spam attacks, that aim to disrupt the operation of our service or service providers

What we promise

  • We will respond as quickly as humanly feasible
  • We will keep engineers well caffeinated until the issues are fixed
  • We will keep you informed throughout the process
  • No legal action will be taken if you play by the rules

The Bounty / Tradeo Web Platform

Our web platform allows users access to markets in real time. It is used daily by thousands of traders to collaborate, discuss market trends and profit together. You can access the app at https://www.tradeo.com. Vulnerabilities in third-party applications that we may use are not in scope.

The rewards for this bounty ranges from 250 BGN - 5000 BGN, based on the severity of the vulnerability and various factors, such as criticality and potential impact on the overall order execution logic of the platform.

Legal stuff

By participating in our Bug Bounty, you agree to Tradeo’s Terms and Conditions.

SUBMIT VULNERABILITY