Does Your Organization Have a Security.txt File?(krebsonsecurity.com) |
Does Your Organization Have a Security.txt File?(krebsonsecurity.com) |
Yep, I have a friend who just set hers up; she said within days she had received several emails that seemed more like threats than disclosures or offers to disclose. Worse yet, maybe for all parties, the wording was on the "way too diplomatic" side and this led to a loss of trust.
Prior to this situation she said her favorite reports involved https://www.openbugbounty.org/ and friendly advice on how to resolve the issue.