Security.txt File Not Detected

info Web App Scanning Plugin ID 112723

Synopsis

Security.txt File Not Detected

Description

A Security.txt file has not been detected on the target.

A security.txt file tells independent security researchers who discover security risks in a web service which channels to use to disclose them, so that third parties can report issues securely and in the manner the organization has defined.

Organizations should consider creating a security.txt file that contains contact and other information in the defined format, and placing it under the .well-known directory of the server.

See Also

https://securitytxt.org/

https://tools.ietf.org/html/draft-foudil-securitytxt-11

Plugin Details

Severity: Info

ID: 112723

Type: remote

Family: Web Servers

Published: 3/17/2021

Updated: 3/17/2021

Scan Template: basic, full, pci, scan