Over at The New York Times we implemented the security.txt standard last year, giving security researchers an easy way to find our responsible disclosure program and submit their findings. You can read more about the concept in a blog post on the NYT Open blog that I wrote and was published yesterday!

https://open.nytimes.com/making-reporting-effortless-especially-for-security-researchers-c2c7e96e9a55

#security #infosec #appsec #informationsecurity