security.txt

@securitytxt

A proposed standard that allows websites to define security policies by (unofficially ) & .

Vrijeme pridruživanja: studeni 2015.

Tweetovi

Blokirali ste korisnika/cu @securitytxt

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @securitytxt

  1. proslijedio/la je Tweet
    prije 13 sati
    Poništi
  2. proslijedio/la je Tweet
    prije 17 sati

    Today, we are launching , a series of interviews with hunters. In our first edition, we are discussing logic flaws and with ! 🐸 Who would you like to see interviewed next? Leave a comment! 👇

    Poništi
  3. proslijedio/la je Tweet
    29. sij

    As you browse the web, this extension will check for a security.txt and humans.txt file on each site you visit. If either file exists, the pageAction can be clicked to display the files.

    Poništi
  4. proslijedio/la je Tweet
    24. sij

    Discover security.txt and humans.txt files as you browse the web with our browser extension for Firefox, Chrome, Edge, and (soon) Opera:

    Poništi
  5. proslijedio/la je Tweet
    6. sij
    Poništi
  6. proslijedio/la je Tweet
    16. pro 2019.

    We've published a brief guide on how organisations can collaborate more effectively with security researchers.

    Poništi
  7. proslijedio/la je Tweet
    12. pro 2019.

    Final call for comment on security.txt – a web security policy that aims to simplify the vulnerability disclosure process

    Poništi
  8. proslijedio/la je Tweet
    11. pro 2019.

    Finding a security contact is a nightmare. is always a great help

    Poništi
  9. proslijedio/la je Tweet
    11. pro 2019.

    + it is always hard to identify what website or brand is owned by what corporation. With megacorp structures it can be complicated to figure out who should be notified. Having security.txt will make identifying & notifying the rightful system owners stupidly simple.

    Poništi
  10. proslijedio/la je Tweet
    11. pro 2019.

    I don't know what the criticisms are but I'll say this, at the BBC, we find extremely beneficial (see for evidence). We'll continue to use it regardless but we'd def like to see it standardised for consistency & to promote reach/interop etc.

    Poništi
  11. proslijedio/la je Tweet
    11. pro 2019.
    Odgovor korisnicima i sljedećem broju korisnika:
    Poništi
  12. proslijedio/la je Tweet
    11. pro 2019.

    security.txt: the founders struggled reaching the right people when we wanted to report vulnerabilities back in 2012. Structuring and making this information available for everyone was one of the problems we wanted to solve with H1. (thread)

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    9. pro 2019.

    The draft created by has entered the last step of the IETF public discussion process known as "Last Call". Details here:

    Poništi
  14. proslijedio/la je Tweet

    Thanks to the fantastic work of the folk, the USG has a draft binding directive requiring gov orgs deploy a vuln disclosure programme including security.txt deployment. Should make it much easier to reach responsible defenders in USG.

    Poništi
  15. 20. stu 2019.

    A new version of the security.txt Internet draft has been published: . You can follow development of the specification on GitHub: .

    Poništi
  16. proslijedio/la je Tweet
    8. stu 2019.

    In happier news, good on for deploying a security.txt file. Props also to for all the work he’s done on the spec!

    Poništi
  17. proslijedio/la je Tweet
    30. lis 2019.
    Poništi
  18. proslijedio/la je Tweet

    Quite a few changes in the latest drafts: - Canonical directive - Switch to cleartext signatures - Removed Signature - All links must be HTTPS - Redirection only to the same domain I've updated my post about why you should have security.txt:

    Poništi
  19. 8. kol 2019.
    Poništi
  20. 22. svi 2019.

    Fun fact: At the beginning of this year, hid a flag for the BountyCon CTF in Google's security.txt file: .

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·