BitMEX

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
public.bitmex.com URL none none low low
www.bitmex.com URL critical
Data leakage, authentication errors, account takeover, etc., are in scope. Phishing is generally out of scope unless there is a reasonable mistake in our platform. https://www.bitmex.com/chatArchive is intended to be public.
*.bitmex.com URL low low low medium

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
analytics.bitmex.com URL low low low none
blog.bitmex.com URL low none low none
research.bitmex.com URL low low low none