<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Know-How on cybersins/sec</title><link>https://cybersins.com/categories/know-how/</link><description>Recent content in Know-How on cybersins/sec</description><generator>Hugo</generator><language>en</language><copyright>Ideally Us</copyright><lastBuildDate>Wed, 28 Feb 2018 00:00:00 +0000</lastBuildDate><atom:link href="https://cybersins.com/categories/know-how/index.xml" rel="self" type="application/rss+xml"/><item><title>Implement "security.txt" to advocate responsible vuln. disclosures</title><link>https://cybersins.com/howto-responsible-disclosure-with-security-text/</link><pubDate>Wed, 28 Feb 2018 00:00:00 +0000</pubDate><guid>https://cybersins.com/howto-responsible-disclosure-with-security-text/</guid><description>What robots.txt is to search engines, security.txt is to security researchers - a standard file that publishes how to report a vulnerability to you. A quick guide to the format, its fields, and why publishing one signals you take security seriously.</description></item><item><title>Restrict Certificate Authorities (CA) to issue SSL certs. Enable CAA record in DNS</title><link>https://cybersins.com/certificate-authority-restrict-with-caa-dns-record/</link><pubDate>Sun, 25 Feb 2018 00:00:00 +0000</pubDate><guid>https://cybersins.com/certificate-authority-restrict-with-caa-dns-record/</guid><description>A CAA DNS record tells the world which Certificate Authorities are allowed to issue certificates for your domain - a simple whitelist against mis-issuance. What CAA is, why it matters after years of CA compromises, its syntax, and how to set it up.</description></item></channel></rss>