The security.txt Reports page shows vulnerability reports submitted through the security.txt standard across your monitored assets. It is accessible from Results > security.txt Reports in the left sidebar.
What Is security.txt Reporting?
When you verify assets using the security.txt method, external security researchers can discover your security contact information and submit vulnerability reports. This page collects and manages all incoming reports.
Report List
The report list displays all submitted security.txt reports:
| Column | Description |
|---|---|
| Asset | The asset the report was submitted for. |
| Title | Title of the submitted report. |
| URL | The specific URL referenced in the report. |
| Severity | Severity level of the reported issue (Critical, High, Medium, Low, Informational). |
| Status | Review status of the report (Waiting, Approved, Rejected). |
| Create Date | Date and time when the report was submitted. |
Report Statuses
| Status | Description |
|---|---|
| Waiting | The report has been submitted and is awaiting review. |
| Approved | The report has been reviewed and accepted as valid. |
| Rejected | The report has been reviewed and rejected. |
Filters
Use the filter bar to narrow the report list:
- Search -- Free text search across reports.
- Asset -- Filter by target asset.
- Tags -- Filter by asset tags.
- Read Status -- Filter by whether the report has been read.
- Status -- Filter by review status (Waiting, Approved, Rejected).