Add a security policy. (#393)

AcademySoftwareFoundation · Jul 26, 2019 · af86709 · af86709
1 parent da3cfc4
commit af86709
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,25 @@
+# Security and OpenCue
+
+The OpenCue Technical Steering Committee (TSC) takes security very
+seriously. We strive to design secure software, and utilize continuous 
+integration and code analysis tools to help identify potential 
+vulnerabilities.
+
+## Reporting Vulnerabilities
+
+Quickly resolving security related issues is a priority. If you think
+you've found a potential vulnerability in OpenCue, please report it by
+emailing <[email protected]>. Only TSC members and ASWF
+project management have access to these messages.
+
+Include detailed steps to reproduce the issue, and any other information that
+could aid an investigation. Someone will assess the report and make every
+effort to respond within 14 days.
+
+## Outstanding Security Issues
+
+None
+
+## Addressed Security Issues
+
+None