RFC 9116 defines a well-organized file format that simplifies security vulnerability reporting: a text file, security.txt, placed in the domain's .well-known folder. Similar in syntax to robots.txt, the security.txt file is designed to be both machine- and human-readable, allowing security experts to easily contact a website's owner to report potential vulnerabilities.
By offering an automated security.txt generator for free, we aim to empower all of our users to enhance their security measures without additional costs.
One of the current challenges is the low rate of adoption, and of compliance with the standard among the files that are deployed, with only 0.7% of the top one million internet domains embracing the security.txt file.
We've launched an extensive project with a three-pronged approach: evaluating the adoption rate, developing a free tool for RFC compliance testing, and pinpointing common implementation mistakes.