===== COLIN COGLE'S BLOG =====
"A File Format to Aid in Security Vulnerability Disclosure"
by Colin Cogle
This article was first published in "2600: The Hacker Quarterly", volume 38:2.
Please support the official release!
Updated and re-published online May 19, 2022.
ABSTRACT:
When security vulnerabilities are discovered by researchers, proper reporting
channels are often lacking. As a result, vulnerabilities may be left unreported.
Fortunately, there is a machine-parsable format ("security.txt") to help
organizations describe their vulnerability disclosure practices to make it
easier for researchers to report vulnerabilities.
READ THE ARTICLE:
Read the article (plain text).
Read the article (on the web).
Buy a printed copy of the magazine.
Buy a DRM-free PDF copy of the magazine.
SUPPLEMENTARY MATERIALS:
RFC 9116 - "A File Format to Aid in Security Vulnerability Disclosure"
"security.txt" official web site
CITE THIS ARTICLE:
Cogle, Colin. "A File Format to Aid in Security Vulnerability Disclosure."
2600: The Hacker Quarterly, vol. 38:2 (Summer 2021), June 2021, pp. 57-58,
colincogle.name/blog/security-txt/.