Who's Looking at Your security.txt File?, (Tue, Aug 23rd)

In April 2022, the RFC related to the small file “security.txt” was released[1]. It was already popular for a while, but an RFC is always a good way to “promote” some best practices! If you’re unaware of this file, it helps to communicate security contacts (email addresses, phone, …) to people who would like to contact you to report an issue with your website or your organization.  This security.txt file was deployed on my websites for a while, and I never really paid attention to its popularity. The ISC also has its one[2].

Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center