This looks like a fun chain by Frans Rosén. If readers are interested in rapidly checking CSP hosts, I wrote a tool for grabbing them concurrently: github.com/EdOverflow/csp.

Where can ethical hackers report vulnerabilities at your organization? Publish a security.txt file and test it with Internet․nl. Check the new security.txt (RFC 9116) test: en.internet.nl/article/securi… Digital Trust Center AlertOnline #cybersecuritymonth

I love that the Dutch government is actively promoting security.txt and encouraging companies to establish a route for reporting security incidents 😊 /cc Ed digitaltrustcenter.nl/nieuws/interne…

Retweeting this because I know BSides London tickets are hard to come by. :)

Nice blog post by Karim Rahal on the security implications of command injection in GitHub Actions.

Reminder: if you would like to follow my blog via RSS, I have a feed at edoverflow.com/index.xml. :)

I have been playing around with SvelteKit a lot recently. I wrote a short blog post on adding security headers to SvelteKit applications: edoverflow.com/2023/sveltekit…. I might do a more long-form one on the security pitfalls of SvelteKit applications at some point.

Exciting news! Apple joins the list of companies with a security.txt file. Now, we only need Netflix to complete the FAANG list. 🙌

I am working on something fun with Karim Rahal to address the challenge of repetitive security questionnaires: BlueMagnet (bluemagnet.io).

How do you pronounce "security.txt"?

Where did you first hear about security.txt?

I have set up a LinkedIn profile if people want to stay connected: linkedin.com/in/edoverflow/.

I will be giving a talk on Coordinated Vulnerability Disclosure (CVD) at Swiss Cyber Storm. If you are interested in attending, please find additional information below.

The Swiss Federal Government has adopted a report on ethical hacking referencing two swisscyberstorm 2023 speakers: Ed and Omer Akgul. Read the report here (in German and French): lnkd.in/dye5-qkY Watch all SCS talks here: youtube.com/@swisscybersto… #SCS23 #bugbounty