Pack v4.4.2Rev 4.4.2OwnerFirstTry SolutionsLast Updated2026-02-26ReviewAnnualDoc IDFT-TRUST-019

security.txt

Overview¶

This document provides pointers to FirstTry security information in standard format (adapted for documentation from RFC 9116 .well-known/security.txt specification).

Standard location: .well-known/security.txt on FirstTry's website (if hosted independently)

For Forge app: Refer to this document for security information locations.

Security Information Contacts¶

Contact: security.contact@firsttry.run
Contact: contact@firsttry.run

Vulnerability Disclosure¶

Disclosure: https://github.com/Firsttry-Solutions/firsttry/docs/trust/VULNERABILITY_DISCLOSURE_POLICY.md

Security Policies¶

Policy: docs/trust/SECURITY_OVERVIEW.md
Policy: docs/trust/THREAT_MODEL.md
Policy: docs/trust/VULNERABILITY_DISCLOSURE_POLICY.md

Acknowledgments¶

Acknowledgments: https://github.com/Firsttry-Solutions/firsttry/blob/main/SECURITY_ACKNOWLEDGMENTS.md

References¶

RFC 9116: Web Security Policies via Well-Known URLs
SECURITY_CONTACT.md: Detailed contact information
VULNERABILITY_DISCLOSURE_POLICY.md: Reporting process