Merge pull request #140 from gelecekbilimde/aleyna-yildizli-patch-1

#84 | Add SECURITY.md file for reporting vulnerabilities
gelecekbilimde · Sep 23, 2024 · 4b0c965 · 4b0c965
2 parents 2e3406e + af1b4fc
commit 4b0c965
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,30 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in this project, we appreciate your responsible disclosure. To report a vulnerability, please follow these steps:
+
+1. **Do Not Disclose Publicly**  
+   Do not open a public issue regarding the vulnerability. We ask that you keep the information confidential until we can address the issue and notify our users.
+
+2. **Send a Report**  
+   You can report any vulnerabilities via email to the following contact:
+
+   **Security Team Contact**: [[email protected]](mailto:[email protected])
+
+3. **Include the Following Information**  
+   - Detailed description of the vulnerability
+   - Steps to reproduce the issue
+   - Potential impact of the vulnerability
+   - Any possible mitigations you can suggest
+
+4. **Response Time**  
+   We will respond to your report within 48 hours. After the initial assessment, we will provide you with a detailed plan to address the issue, including the timeline for a fix.
+
+5. **Acknowledgement**  
+   Once the vulnerability is resolved, we will give you credit for the responsible disclosure in our release notes, unless you prefer to remain anonymous.
+
+## Security Updates
+
+We continuously monitor and update dependencies for security patches. Please ensure you are using the latest version of our software to stay protected.
+