Table of Contents
Some well-known companies and platforms such as Facebook, Google or LinkedIn, but also US government agencies and public institutions, have them on their web servers: a file called security.txt. Consisting of a few short lines of text, it opens a door for security researchers and can at the same time help to quickly put a stop to threats.
More about encryption and security:
security.txt is a project that was launched in 2017, which aims to facilitate contact when vulnerabilities are found on the basis of a uniform format and storage location and with mandatory information about important information. At the same time, a well-maintained security.txt sends a positive and important signal: “We welcome your tips – don’t be afraid to share your discoveries with us immediately and directly”.
This article explains the background and syntax of the proposed Internet standard. It explains how, as a company or private person, you can create your own security.txt file with little effort. Security researchers learn where to find the file and what to do with the information it contains.
- Access to all heise + content
- exclusive tests, advice & backgrounds: independent, critically well-founded
- Read c’t, iX, MIT Technology Review, Mac & i, Make, c’t photography directly in your browser
- register once – read on all devices – can be canceled monthly
- first month free, then monthly from € 9.95
- Weekly newsletter with personal reading recommendations from the editor-in-chief
Start FREE month
Start your FREE month now
Already subscribed to heise +?
Sign up and read
Register now and read articles right away
More information about heise +