Nicolas Zahn · @NZahn42
298 followers · 485 posts · Server infosec.exchange

@HonkHase @ant0inet
---
RT @evawolfangel
Pictured: Moodle discussions of unsuspecting students that we found on the web, next to their grades (and yes: there is an edit button - we could have changed grades). When you find something like this, try to report it, and then nobody responds, it is sobering.
twitter.com/digiges/status/163
twitter.com/evawolfangel/statu

#securitytxt #cybersecurity

Last updated 2 years ago

bitExpert AG · @bitexpert
25 followers · 56 posts · Server rheinneckar.social

A few days ago, we published the initial version of our first open-source Sulu CMS bundle to easily manage security.txt files.

Read more about it on our blog and give it a try: blog.bitexpert.de/blog/sulu_se

#bitblog #symfony #sulu #securitytxt

Last updated 2 years ago

eikendev · @eikendev
4 followers · 63 posts · Server infosec.exchange

Updated sectxt over the weekend to reflect the latest specification. Seems like barely any of the major websites fully comply with the standard, including . github.com/eikendev/sectxt

#securitytxt #google

Last updated 2 years ago

Internet.nl · @internet_nl
448 followers · 94 posts · Server mastodon.nl

@harld Well spotted! We use the sectxt parser/validator (github.com/DigitalTrustCenter/), which does not do that. The reason is that there is unfortunately no standard place to retrieve a public PGP key (which is needed to validate a signature). In the next update of Internet.nl we will mention this limitation in the explanation of the test.

#securitytxt

Last updated 2 years ago

Daniel W. Seiler · @dws_ch
511 followers · 201 posts · Server mastodon.world

RT @GovCERT_CH@twitter.com

To ensure that cybersecurity vulnerabilities can be quickly reported to an organisation, it is essential to implement the "security.txt" with the most important contact details.
ncsc.admin.ch/ncsc/en/home/akt

🐦🔗: twitter.com/GovCERT_CH/status/

#standard #securitytxt

Last updated 2 years ago

Daniel W. Seiler · @dws_ch
511 followers · 201 posts · Server mastodon.world

RT @GovCERT_CH@twitter.com

To ensure that cybersecurity vulnerabilities can be reported to an organisation quickly, implementing "security.txt" with the most important contact details is a must.
ncsc.admin.ch/ncsc/de/home/akt

🐦🔗: twitter.com/GovCERT_CH/status/

#standards #securitytxt

Last updated 2 years ago

Internet.nl · @internet_nl
448 followers · 94 posts · Server mastodon.nl

@jeroen @mastodon
Nice! The awesome admins of mastodon.nl already added a security.txt file to their server: en.internet.nl/site/mastodon.n
However, it would indeed be good if the Mastodon software promoted having a security.txt file by default.

#VulnerabilityDisclosure #securitytxt

Last updated 2 years ago

Internet.nl · @internet_nl
321 followers · 34 posts · Server mastodon.nl

In 2022, together with our partners, we further enhanced Internet.nl. The underlying software was upgraded, documentation was improved and we added tests for RPKI ROAs (routing security) and security.txt (contact information for vulnerability reports). We are excited to make testing for modern internet standards even more fun in 2023!
In the meantime, keep on testing and improving!
Happy holidays! 🎄 🎅 ✨🍾

#securitytxt #dmarc #dane #tls #rpki #dnssec #ipv6 #standards #moderninternet

Last updated 2 years ago

Esa Jokinen · @oh2fih
2 followers · 5 posts · Server infosec.exchange

It seems building a as defined in 9116 is not a simple task. Most of the files out there have formatting errors, are missing mandatory fields or including their own, unregistered fields.

The main reason must be the several changes during the draft phase, and even most of the validators are based on outdated versions. Therefore, I wrote a little Bash script to help with the validation and PGP signing of security.txt files.

github.com/oh2fih/securitytxt-

#securitytxt #rfc

Last updated 2 years ago

Dennis Irsigler · @dirsigler
114 followers · 152 posts · Server infosec.exchange

Dear and fellows:

Please try to host a file in your projects and workplace domains to allow researchers and hunters to find all the details on how to contact your security Team.

For most environments it is quite easy to just add some static file, for I have written my own microservice to provide this file.

For more details on the securitytxt file and what it is please refer to:
securitytxt.org

#cloudsecurity #blueteam #securitytxt #infosec #bugbounty #cloudnative #golang

Last updated 2 years ago

Marco · @marco
449 followers · 637 posts · Server darmstadt.social

The cool topics at the

Greetings to @zerforschung, you made it onto a BMI poster, and thanks to Ralf Käck for the initiative! (1/2)

#sccon22 #ozg #itsec #securitytxt #tls #HSTS #dnssec #responsibledisclosure

Last updated 2 years ago
