Skip to content

What is security.txt

A machine-readable file that tells security researchers how to report vulnerabilities. Without it, researchers may not know how to reach your security team.

Required fields

  • Contact — email or URL for reporting security issues
  • Expires — date after which the file is stale

Optional fields

Encryption, Acknowledgments, Preferred-Languages, Canonical, Policy, Hiring