From a785ceba0957cdd66eadba788a611798d4dc2639 Mon Sep 17 00:00:00 2001
From: Mathieu Benoit <mathieu-benoit@hotmail.fr>
Date: Tue, 7 Jan 2025 22:50:19 -0500
Subject: [PATCH] Create SECURITY.md (#101)

Signed-off-by: Mathieu Benoit <mathieu-benoit@hotmail.fr>
---
 SECURITY.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..6d2b097
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,15 @@
+# Security Policy
+
+Thank you for taking the time to report a security vulnerability. We would like to investigate every report thoroughly.
+
+## Reporting a Vulnerability
+
+_Note: Please do not open a public issue describing the vulnerability._
+
+To report a security vulnerability, please navigate to the `Security` tab of the associated repository, and click on the [`Report a vulnerability`](https://github.com/score-spec/score-k8s/security/advisories/new) button.
+
+Then, fill in all the details of the vulnerability in English and click on `Submit report`. This submission will only be viewable to repository maintainers and will help us triage your report more quickly.
+
+## Evaluation and Response
+
+Response times could be affected by weekends, holidays, breaks or time zone differences. That said, the maintainers team endeavours to evaluate your report and reply as soon as possible, ideally within 10 working days.