An RFC that helps organisations define security policies by @EdOverflow & @nightwatchcyber.
👉 https://t.co/KktAVPg8PH
📖 https://t.co/LVpnsiLQNZsecuritytxt.org /.well-known/Joined November 2015
This is probably the best public Vulnerability Disclosure Program terms I've ever seen. It demonstrates the exact nature of a VDP, "see something, say something" no more, no less. +10 for hosting a @securitytxt file too. Nice work @ServiceNow 👏
Looking for a little project to keep you busy on the weekend? I was just thinking: how many of the breached websites in @haveibeenpwned now have a security.txt file? So, if you feel like grabbing those domains and querying them all, there's an API here: haveibeenpwned.com/API/v3#AllBrea…
This is great: having a security.txt file is now mandatory for Dutch government websites. They either need to apply this as a standard or provide a good justification for why they're not using it ("Apply of Explain") digitaltrustcenter.nl/nieuws/securit…
security.txt 📑 has been added to the 'Comply or Explain' list of the Netherlands Standardisation Forum. This means that Dutch municipalities, provinces, the state, water boards and all operational organisations are obliged to apply this open standard.✅forumstandaardisatie.nl/nieuws/securit…
Bridge the gap between your website and security researchers. ✅ Implement security.txt and promote coordinated vulnerability disclosure.
Need help getting started?
➡️ Head on over to securitytxt.org.
#securitytxt#cybersecurity
Can you spare an hour to help us improve rfc-editor.org (the official home of RFCs)? If you’ve used RFCs for work, school or research, we’d love to learn from you - particularly if you're new here! Volunteer by answering a few quick questions: docs.google.com/forms/d/e/1FAI…
A tale of Google dorks finding subdomain takeovers plus why having a security.txt & a responsive security team are good news all round. London Councils & pirate books. Google dorking for subdomain takeovers. Thanks to our @OPSEC_failedpentestpartners.com/security-blog/…#cybersecuritytips
250K Followers 1K FollowingCreator of @haveibeenpwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
2 Followers 6 FollowingAgenzia est une entreprise de services numériques (ESN) nouvelle génération. Nous accompagnons les PME dans leur transformation digitale en fusionnant deux pili
226 Followers 3K FollowingDedicated cypto trader,HODL ,Solana trench junkey ,ambitious about security protocols and aim to protect other traders from rug pulls,btc holder,web developer,s
1K Followers 7K FollowingAndroid Dev. Gamer. Dad.
Opinions here are my own, not those of my company, past or present.
Specified as “parody".
Resharing at:
https://t.co/7qqKjWiegD
219 Followers 2K FollowingCabinet de conseil en protection de l'information et des données. Sécurité des systèmes d'information en République de Guinée.
250K Followers 1K FollowingCreator of @haveibeenpwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
37K Followers 326 FollowingHacker, researcher, builder of things. Founded @securityheaders/@reporturi, Pluralsight author, Microsoft MVP, award winning entrepreneur. Likes cars.
133 Followers 41 FollowingCyber Security student working on security research. Areas of interest: web-application security, OSINT, and supply-chain attacks.
10K Followers 325 FollowingIn your web, securing your app. Hacker, webdev, speaker. Security @Shoptet, ex-@reporturi. HTTPS = How To Transfer Private Sh*. Also https://t.co/FaJemVWLCx, https://t.co/claenMAOrC.
104K Followers 8 Followinghttps://t.co/fgXNGNt7gm
Abandoned this site in 2022 but hopeful for the future of social media. Consider migrating to Mastodon DEFCON.socal