Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a security.txt for core data.gov properties (data.gov, catalog.data.gov, resources.data.gov) #4953

Open
1 task
tdlowden opened this issue Oct 29, 2024 · 0 comments
Open
1 task

Create a security.txt for core data.gov properties (data.gov, catalog.data.gov, resources.data.gov) #4953

tdlowden opened this issue Oct 29, 2024 · 0 comments
Labels
compliance Relating to security compliance or documentation

Comments

@tdlowden
Copy link
Member

Please keep any sensitive details in Google Drive.

Date of report: 10/29/24
Severity: Low
Due date: 1/31/25

  • Analysis has been performed and an issue has been linked to address other occurrences for this class of vulnerability* (link)

Brief description

security.txt files are a recommendation of CISA as one of the priority Cybersecurity Performance Goals: https://www.cisa.gov/news-events/news/securitytxt-simple-file-big-value

We are also dinged on ScanGov for not having them, affecting our score: https://scangov.org/profile/?domain=data.gov#security

Adding a security.txt to our core sites will help us align with best practices and score higher on security factors
@tdlowden tdlowden added the compliance Relating to security compliance or documentation label Oct 29, 2024
@Bagesary Bagesary moved this to 📥 Queue in data.gov team board Oct 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
compliance Relating to security compliance or documentation
Projects
data.gov team board
Status: 📥 Queue
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tdlowden