About
Broctagon

A leading multi-asset liquidity and full suite Forex technology provider serving more than 350 clients across 50 countries.

Founded 2009.

email circle

info@broctagon.com

COMPANY


Enterprise Development

Our Company


Enterprise Development

Careers

Enterprise Development

Privacy Policy

OUR STORY


Enterprise Development

Celebrating
15 Years


Enterprise Development

A Decade of
Fintech Finesse


Enterprise Development

Social Media Hub

MEDIA


Enterprise Development

Broctagon Buzz

News
Events
Product Updates
Thought Leadership
Knowledge Articles
In the Press

PARTNERSHIP

Enterprise Development

Become a Partner

Help Us Make Broctagon Safer

We welcome security researchers and ethical hackers to test our systems. If you responsibly disclose a valid vulnerability, we’ll reward your efforts and appreciate your contribution to a safer fintech ecosystem.

Submit a Report

Why We Run This Program

Broctagon is committed to maintaining the highest standards of security across our products and services. This Bug Bounty Program allows us to collaborate with the wider security community to identify vulnerabilities before bad actors do.
We believe in responsible disclosure and aim to respond quickly and transparently.

What’s
in Scope?

You’re invited to test and report vulnerabilities related to:

  • https://broctagon.com and all subdomains
  • Broctagon’s trading CRM systems and any infrastructure or APIs
  • Servers and environments hosted or owned by Broctagon

Reports outside this scope may still be reviewed at our discretion.

Submission
Process

To submit a vulnerability:

  1. Download the Bug Bounty Submission Form.
  2. Email your report to: security@broctagon.com
  3. Include:

    • A clear, reproducible description
    • Affected URLs or endpoints
    • Screenshots, logs, or video if helpful
    • Any attachment or sample payloads
    • You’ll receive an acknowledgment within 15 working days.
  4. Reports outside this scope may still be reviewed at our discretion.

We value detailed, well-structured reports. Submissions that allow us to verify and fix the issue faster may be eligible for higher rewards.

Responsible
Disclosure Guidelines

To qualify for a reward, you must:
  • Avoid disrupting our services or data
  • Not publicly disclose the bug before we fix it
  • Not access or modify other users’ data
  • Not use social engineering or physical access
  • Submit only original discoveries (no duplicates)
Broctagon does not pursue legal action against researchers who follow these rules.

Out of
Scope Submissions

The following are typically not rewarded:
  • Bugs requiring unlikely user interaction
  • Missing security headers or best practices
  • Rate limit bypass with no real impact
  • Vulnerabilities on third-party platforms we don’t control
  • Denial of Service (DoS), brute-force, or spam tests

Privacy &
Confidentiality

Learn More

Terms &
Conditions

Learn More

💬 Have a question? Reach out to us at security@broctagon.com
🔗 View our Bug Bounty Submission Form (.docx)