78% of Hardware Companies Lack Security.txt
2025-03-03
A developer maintaining a public list of companies using libexpat in hardware found that 78% (39 out of 50) of the companies tested in 2025 did not serve a /.well-known/security.txt file as specified by RFC 9116. This reveals a concerning lack of proactive security posture in many companies, making it difficult to contact their security teams. The author urges affected companies to fix this issue and share a link to securitytxt.org.
Hardware
security.txt