This talk explores the adoption of `security.txt`, as defined in [RFC 9116](https://www.rfc-editor.org/rfc/rfc9116), which enables websites to publish security contact information in a consistent and accessible way. We begin with a brief introduction to the RFC and the motivation behind standardized vulnerability disclosure. But is this even important to the network industry? To find out, we conclude with a focused analysis of security.txt adoption among organizations represented by this conference’s attendees, highlighting real-world trends, blind spots, and where we go from here.

Licensed to the public under http://creativecommons.org/licenses/by/4.0

About this event: https://pretalx.com/denog17/talk/WKBJGE/

Video: denog17-75240-eng-Securitytxt_across_the_industry_hd.mp4