Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Provide details for security contact
See original GitHub issueAs cybersecurity researchers, we need to respond swiftly to security issues to ensure that our users are safe.
Hence, add security contact details at the following locations
.security.txtat the root of our project in compliance with the https://securitytxt.org draft RFC specification for machine parsing and human consumptionSECURITY.mdat the root of our project for human consumption
We would need to have contact details of e.g. an active community dev
We may also want to apply this to other projects we develop
Issue Analytics
- State:
- Created 5 years ago
- Comments:5 (5 by maintainers)
Top Results From Across the Web
Self-Report a Security Change or Concern
Please contact your agency's security office with any questions regarding your specific situation.
Read more >Security Clearances - United States Department of State
When preparing to fill out your e-QIP, collect and verify information such as names, addresses, telephone numbers, and dates of birth for immediate...
Read more >Standard Form 86 - Questionnaire for National Security - OPM
Background investigations for national security positions are conducted to gather information ... Provide the following contact information for this person.
Read more >eQIP Completion Help - Northrop Grumman
The address of employer must be the location of your Northrop Grumman HR/Security records which is 8710 Freeport Parkway, Irving, TX 75063, phone:...
Read more >Security Executive Agent Directive 3, “Reporting Requirement ...
Treatment provider, to include contact information. c. Date(s) treatment provided. 11. UNCLASSIFIED.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Building on what @Sh3llcod3 said, there isn’t actually anything there to exploit for most of the things. The main site is just serving static HTML files and the app is just referencing a cloud storage bucket. If you wrote the files, we would consider implementing them, but if you’ve found a vulnerability affecting our code, you’ve likely found something much more dangerous which should be reported through the usual channels.
In order to implement this, a trusted member of staff needs to provide their contact email address at the minimum. This staff member should preferably have keybase with a URL to their public key available.