This repository contains the security.txt file for Firstpoint, following the RFC 9116 standard. It provides security researchers and ethical hackers with the necessary contact information for reporting vulnerabilities responsibly.
security.txt– The security contact file.security.txt.sig– GPG-signed version of thesecurity.txtfile.pgp-key.txt– The public PGP key used for encrypted communication.
- Security Contact Email: security@firstpoint.com.tr
- Security.txt: Available at
https://firstpoint.com.tr/.well-known/security.txt - PGP Key: Available at
https://firstpoint.com.tr/.well-known/pgp-key.txt - Security Policy:
https://firstpoint.com.tr/.well-known/security-policy.txt
To ensure the security.txt file is authentic and signed by Firstpoint, follow these steps:
gpg --import pgp-key.txtgpg --verify security.txt.sig security.txtIf you see a message like this, the file is authentic and signed by Firstpoint:
gpg: Signature made ... using RSA key 0xABCD1234EF567890
gpg: Good signature from "Firstpoint Security <security@firstpoint.com.tr>"
security.txt is a standardized security contact file that allows security researchers to report vulnerabilities in a responsible manner. It is placed under:
https://firstpoint.com.tr/.well-known/security.txt
This file helps ethical hackers, security researchers, and developers reach the right contact when they find potential security issues.
For more details, visit the official RFC 9116 specification:
📖 https://datatracker.ietf.org/doc/html/rfc9116
This repository is licensed under the MIT License.
This README.md will make it easy for security researchers and developers to understand the purpose of your security.txt repository. 🚀🔐