Vulnerabilities

Security.txt: Make Vulnerabilities Easier to Report

Reporting a vulnerability requires special handling, each company has a different process, a security.txt file can help!

October 19, 2021 bdemers

We all know that all software has bugs and that security is hard, but somehow we are still surprised when we see new vulnerabilities.

A Developer Guide to Reporting Vulnerabilities

This post explains how to report a vulnerability and why it's important to do so responsibly.

March 13, 2020 bdemers

Many of us are not familiar with vulnerability reporting and how it is different from reporting a regular bug. Frequently, I’ve seen people report vulnerabilities or potential security issues incorrectly. A public bug tracker or Stack Overflow is NOT the right tool; developers need to handle vulnerabilities differently and should not disclose them until the project/vendor fixes them.

Brian Demers

Home

Blog

Recent Posts

From Hour-Long Builds to Streamlined Productivity: The Spring Boot Journey

Add Auth to Any App with OAuth2 Proxy

Authenticate from the Command Line with Java

Three Ways to Run Your Java Locally with HTTPS

Five Anti-Patterns with Secrets in Java