Skip to content

co-cddo/implement-security.txt

BranchesTags

Repository files navigation

Implement security.txt

This repo contains ways to signpost to the central vulnerability reporting service (VRS) for use by UK government organisations.

The central security.txt file is available here:
https://vulnerability-reporting.service.security.gov.uk/.well-known/security.txt
where it is maintained and generated at: https://github.com/co-cddo/gc3-vuln-reporting-iac

There are several ways to implement a signpost:

  1. 001-http-redirect: 302 redirect
  2. 002-faas-edge-code: FaaS (Cloudflare or AWS CloudFront) 302 redirect
  3. 003-html-redirect: HTML meta tag
  4. 004-dnssecuritytxt: DNS TXT records

If you need any support or have any queries, you can email: vm@gc3.security.gov.uk

About

Implementation mechanisms for the UK government's central security.txt

vulnerability-reporting.service.security.gov.uk/config

Topics

vulnerability-management cyber-security securitytxt vulnerability-reports ukgovernmentsecurity

Resources

Readme

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages