Configuration

This guidance is for all UK government organisations to configure the Vulnerability Reporting Service (VRS) for their websites and web services.


Step 1: implement a security.txt

There is a central deployment of the security.txt file to make it easier for you to implement on your systems and services.

You can find more about how to implement a signpost, including example code, here:
https://github.com/co-cddo/implement-security.txt


Step 2: submit contact and system details

Let GC3 know you have configured the security.txt by emailing you and your team's contact details and configured domains and URLs to

Back