At NautilusTrader, we take security seriously and appreciate your efforts in helping us identify and fix any vulnerabilities. If you have discovered a security vulnerability, follow the guidelines outlined below.
We encourage responsible disclosure of any security vulnerabilities you may discover. If you believe you have found a security vulnerability in our platform, email us at [email protected]. We ask that you provide us with a reasonable amount of time (at least one week) to fix the issue before disclosing it publicly.
We only support the latest version of NautilusTrader. If you are using an older version, it is possible that vulnerabilities may have been fixed in a later release.
At this time, we do not have a formal bug bounty program. However, we appreciate any efforts to help us improve the security of our platform and will do our best to properly recognize and credit your contributions.