AxisTradeAxisTrade

Security & Responsible Disclosure

AxisTrade takes the security of our customers' business data seriously. If you believe you have discovered a vulnerability, we want to hear from you.

Reporting a vulnerability

Please email security@getaxistrade.com with a clear description of the issue, the steps required to reproduce it, and any proof-of-concept material. Please do not publicly disclose the issue until we have had an opportunity to investigate and remediate it.

Our commitment

  • We will acknowledge receipt of your report within two working days.
  • We will investigate every legitimate report and keep you updated on progress.
  • We will not take legal action against good-faith security researchers.
  • We will credit researchers who report valid issues, where appropriate.

Scope

In scope: getaxistrade.com, app.getaxistrade.com, and the AxisTrade API. Out of scope: denial-of-service testing, social engineering, and physical attacks against our infrastructure or employees.

Machine-readable policy

A security.txt file is published at the standard /.well-known/security.txt path per RFC 9116.

Report a vulnerability

security@getaxistrade.com

Privacy requests

privacy@getaxistrade.com