Add SECURITY.md

Argyle-Software · Aug 24, 2023 · 476e22c · 476e22c
1 parent d03fec8
commit 476e22c
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,30 @@
+# Kyber Security Policy
+
+## Reporting Security Issues
+
+If you discover a security vulnerability in this repository, please follow these steps to report it to us:
+
+1. **Do Not** open an issue on the public GitHub repository, as it might expose the vulnerability.
+2. Instead, send an [email](mailto:[email protected]) with details of the vulnerability.
+3. Provide a clear explanation of the issue, including the steps to reproduce it and any relevant technical details.
+4. We will acknowledge your email within 24 hours, and work with you to address the issue.
+
+## Security Updates
+
+We are committed to addressing security vulnerabilities in a timely manner. Our approach includes:
+
+- Regularly reviewing and addressing security-related issues reported to us.
+- Keeping the dependencies of this repository up to date to mitigate known vulnerabilities.
+- Following best practices for secure coding and development.
+
+## How We Handle Vulnerabilities
+
+1. Once a security vulnerability is reported to us, we will confirm its validity and assess its severity.
+2. We will work on developing and testing a fix for the vulnerability.
+3. A security update will be released as soon as possible, depending on the complexity of the issue.
+4. If applicable and necessary, we will coordinate with downstream dependencies and affected users.
+
+## Contact
+
+For any security-related inquiries or to report vulnerabilities, please contact via [email](mailto:[email protected]).
+