diff --git a/advocacy_docs/security/advisories/cve.mdx.template b/advocacy_docs/security/advisories/cve.mdx.template new file mode 100644 index 00000000000..d6068344f5b --- /dev/null +++ b/advocacy_docs/security/advisories/cve.mdx.template @@ -0,0 +1,63 @@ +--- +title: CVE Title +navTitle: CVE ID as CVE-Year-Number +--- + +First Published: YYYY/MM/DD (ISO8601) + +Last Updated: YYYY/MM/DD + +## Summary + +SUMMARY + +## Vulnerability details + +CVE-ID: LINK TO ID + +CVSS Base Score: SCORE + +CVSS Temporal Score: TEMPORAL SCORE + +CVSS Environmental Score: ENVIRONMENTAL SCORE + +CVSS Vector: VECTOR + +## Affected products and versions + +* LIST OF AFFECTED PRODUCTS + +## Remediation/fixes + +| Product | VRMF | Remediation/First Fix | +|---------|------|-----------------------| +| PRODUCT | VERSION | REMEDIATION | + +!!! Note Update +OPTIONAL UPDATE NOTE +!!! + +## References + +* [https://www.first.org/cvss/calculator/3.1](https://www.first.org/cvss/calculator/3.1) +* LINKS TO REFERENCES + + +## Related Information + +* [EnterpriseDB](https://www.enterprisedb.com/) +* LINKS TO OTHER RELATED INFORMATION +* [EDB Blogs Link]() + +## Acknowledgement + +Source: SOURCE + +## Change history + +DD mmmm YYYY: ACTION + +## Disclaimer + + +This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document. \ No newline at end of file diff --git a/advocacy_docs/security/advisories/cve20074639.mdx b/advocacy_docs/security/advisories/cve20074639.mdx new file mode 100644 index 00000000000..b542776cba3 --- /dev/null +++ b/advocacy_docs/security/advisories/cve20074639.mdx 
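Review bot: `* [EDB Blogs Link]()` in the Related Information section of this template has an empty link target, and that dead link is copied verbatim into each of the three advisories added in this change; fill in the URL or drop the line from the template so it cannot ship as a broken link. `First Published: YYYY/MM/DD (ISO8601)` is also mislabelled: ISO 8601 dates use hyphens (`YYYY-MM-DD`), and the Change history placeholder uses a third format (`DD mmmm YYYY`); pick one date format for the template. The file also lacks a trailing newline.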
@@ -0,0 +1,57 @@ +--- +title: EDB Advanced Server 8.2 improperly handles debugging function calls +navTitle: CVE-2007-4639 +--- + +First Published: 2007/08/31 + +Last Updated: 2018/10/15 + +## Summary + +EDB Postgres Advanced Server 8.2 (EPAS) does not properly handle certain debugging function calls that occur before a call to `pldbg_create_listener`, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a `pldbg_` function, as demonstrated by (1) `pldbg_get_stack` and (2) `pldbg_abort_target`, which triggers use of an uninitialized pointer. + +## Vulnerability details + +CVE-ID: [CVE-2007-4639](https://nvd.nist.gov/vuln/detail/CVE-2007-4639) +CVSS Base Score: Undefined +CVSS Temporal Score: Undefined +CVSS Environmental Score: Undefined +CVSS Vector: Undefined + +## Affected products and versions + +EDB Postgres Advanced Server (EPAS) +* 8.2 + +## Remediation/fixes + +| Product | VRMF | Remediation/First Fix | +|---------|------|-----------------------| +| EPAS | 8.2 | Upgrade to a supported version of EPAS | + +!!! Note Update +This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided. +!!! 
+ +## References + +* [https://www.first.org/cvss/calculator/3.1](https://www.first.org/cvss/calculator/3.1) +* [CWE-284 Improper Access Control](http://cwe.mitre.org/data/definitions/284.html) + +## Related information + +* [EnterpriseDB](https://www.enterprisedb.com/) +* [EDB Postgres Advanced Server (EPAS)](https://www.enterprisedb.com/products/edb-postgres-advanced-server) +* [EDB Blogs Link]() + +## Acknowledgement +Source: MITRE + +## Change history + +26 July 2023: Original Copy Published + +## Disclaimer + +This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document. \ No newline at end of file diff --git a/advocacy_docs/security/advisories/cve201910128.mdx b/advocacy_docs/security/advisories/cve201910128.mdx new file mode 100644 index 00000000000..004d2a03b4e --- /dev/null +++ b/advocacy_docs/security/advisories/cve201910128.mdx 
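Review bot: The dates in this advisory do not fit together: `First Published: 2007/08/31` and `Last Updated: 2018/10/15` both predate the only Change history entry, `26 July 2023: Original Copy Published`. If the first two are the NVD record dates rather than this document's, label them as such or drop them. The VRMF column gives only `8.2` and the fix is `Upgrade to a supported version of EPAS` with no first fixed version, so a reader cannot tell which release closed the issue; name it if it is known. Minor: all four CVSS fields are `Undefined`, so the CVSS 3.1 calculator link under References adds nothing here, and the CWE link uses `http://` where `https://` is available.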
@@ -0,0 +1,66 @@ +--- +title: EDB supplied PostgreSQL inherits ACL for installation directory +navTitle: CVE-2019-10128 +--- + +First Published: 2021/03/19 + +Last Updated: 2022/01/01 + +## Summary + +A vulnerability was found in PostgreSQL versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. + +## Vulnerability details + +CVE-ID: [CVE-2019-10128](https://nvd.nist.gov/vuln/detail/CVE-2019-10128) +CVSS Base Score: 7.8 +CVSS Temporal Score: Undefined +CVSS Environmental Score: Undefined +CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + +## Affected products and versions + +PostgreSQL + +* All versions up to 9.4.21 +* 9.5.0 to 9.5.16 +* 9.6.0 to 9.6.12 +* 10.0 to 10.7 +* 11.0 to 11.2 + +## Remediation/fixes + +| Product | VRMF | Remediation/First Fix | +|---------|------|-----------------------| +| Postgresql | Up to 9.4.21 | Update to latest version (at least 9.4.22) | +| Postgresql | 9.5.0 to 9.5.16 | Update to latest version (at least 9.5.17) | +| Postgresql | 9.6.0 to 9.6.12 | Update to latest version (at least 9.6.13) | +| Postgresql | 10.0 to 10.7 | Update to latest version (at least 10.8) | +| Postgresql | 11.0 to 11.2 | Update to latest version (at least 11.3) | + +!!! Note Update +No updates at this time +!!! 
+ +## References + +* [https://www.first.org/cvss/calculator/3.1](https://www.first.org/cvss/calculator/3.1) +* [CWE-284 Improper Access Control](http://cwe.mitre.org/data/definitions/284.html) + +## Related Information + +* [EnterpriseDB](https://www.enterprisedb.com/) +* [Postgresql](https://www.postgresql.org) +* [EDB Blogs Link]() + +## Acknowledgement +Source: Red Hat Inc + +## Change history + +26 July 2023: Original Copy Published + +## Disclaimer + +This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document. diff --git a/advocacy_docs/security/advisories/cve202331043.mdx b/advocacy_docs/security/advisories/cve202331043.mdx new file mode 100644 index 00000000000..c341c6fcf28 --- /dev/null +++ b/advocacy_docs/security/advisories/cve202331043.mdx 
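Review bot: The Summary says the flaw was found in `PostgreSQL versions 11.x prior to 11.3`, but Affected products and the Remediation table list every branch from `All versions up to 9.4.21` through `11.0 to 11.2`; align the summary with the table (state the full affected ranges, or that 11.x is where it was first reported) so the two do not contradict each other. Product naming is inconsistent within the file: `PostgreSQL` in the title and summary, `Postgresql` in the table and in the Related Information link. The heading is `## Related Information` here while cve20074639.mdx and cve202331043.mdx use `## Related information`.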
@@ -0,0 +1,68 @@ +--- +title: EDB Postgres Advanced Server (EPAS) logs unredacted passwords prior to 14.6.0 +navTitle: CVE-2023-31043 +--- + +First Published: 2023/04/23 + +Last Updated: 2023/05/02 + +## Summary + +EDB Postgres Advanced Server (EPAS) versions before 14.6.0 log unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0. + +## Vulnerability details + +CVE-ID: [CVE-2023-31043](https://nvd.nist.gov/vuln/detail/CVE-2023-31043) +CVSS Base Score: 7.5 +CVSS Temporal Score: Undefined +CVSS Environmental Score: Undefined +CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + +## Affected products and versions + +EDB Postgres Advanced Server (EPAS) + +* All versions up to 10.23.32 +* 11.1.7 to 11.18.28 +* 12.1.2 to 12.13.16 +* 13.1.4 to 13.9.12 +* 14.1.0 to 14.5.0 +* 14.1.0 to 14.5.0 + +## Remediation/fixes + +| Product | VRMF | Remediation/First Fix | +|---------|------|-----------------------| +| EPAS | All versions
up to 10.23.32 | Update to latest supported version
(at least [10.23.33](https://www.enterprisedb.com/docs/epas/10/epas_rel_notes/epas10_23_33_rel_notes/)) | +| EPAS | 11.1.7 to
11.18.28 | Update to latest supported version
(at least [11.18.29](https://www.enterprisedb.com/docs/epas/11/epas_rel_notes/epas11_18_29_rel_notes/)) | +| EPAS | 12.1.2 to
12.13.16 | Update to latest supported version
(at least [12.13.17](https://www.enterprisedb.com/docs/epas/12/epas_rel_notes/epas12_13_17_rel_notes/)) | +| EPAS | 13.1.4 to
13.9.12 | Update to latest supported version
(at least [13.9.13](https://www.enterprisedb.com/docs/epas/13/epas_rel_notes/epas13_9_13_rel_notes/)) | +| EPAS | 14.1.0 to
14.5.0 | Update to latest supported version
(at least [14.6.0](https://www.enterprisedb.com/docs/epas/14/epas_rel_notes/epas14_6_0_notes/))| + +!!! Note Update +No Updates at this time +!!! + +## References + +* [https://www.first.org/cvss/calculator/3.1](https://www.first.org/cvss/calculator/3.1) +* [CWE-312 Cleartext Storage of Sensitive Information](http://cwe.mitre.org/data/definitions/312.html) + + +## Related information + +* [EnterpriseDB](https://www.enterprisedb.com/) +* [EDB Postgres Advanced Server (EPAS)](https://www.enterprisedb.com/products/edb-postgres-advanced-server) +* [EDB Blogs Link]() + +## Acknowledgement +Source: Mitre + +## Change history + +26 July 2023: Original Copy Published + +## Disclaimer + +This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. EDB reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document. diff --git a/advocacy_docs/security/advisories/index.mdx b/advocacy_docs/security/advisories/index.mdx new file mode 100644 index 00000000000..a7c597a5d49 --- /dev/null +++ b/advocacy_docs/security/advisories/index.mdx @@ -0,0 +1,40 @@ +--- +title: EDB Security Advisories +navTitle: Advisories +iconName: Security +hideKBLink: true +hideToC: true +--- + +## Advisories + +
+

CVE-2023-31043

EDB Postgres Advanced Server 10.23.32 to 14.5.0

+Updated: 2023/05/02
+EDB Postgres Advanced Server (EPAS) logs unredacted passwords prior to 14.6.0 +
+
+Summary: EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0. +Read More... +
+ +
+

CVE-2019-10128

PostgreSQL

+Updated: 2022/01/01
+EDB supplied PostgreSQL inherits ACL for installation directory +
+
+Summary: A vulnerability was found in PostgreSQL versions 11.x prior to 11.3. The Windows installer for EDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. +
Read More...
+
+ +
+

CVE-2007-4639

EDB Postgres Advanced Server version 8.2

+Updated: 2018/10/15
+EDB Advanced Server 8.2 improperly handles debugging function calls +
+
+Summary: EDB Postgres Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbg_create_listener, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a pldbg_ function, as demonstrated by (1) pldbg_get_stack and (2) pldbg_abort_target, which triggers use of an uninitialized pointer. +
Read More...
+
+ diff --git a/advocacy_docs/security/index.mdx b/advocacy_docs/security/index.mdx new file mode 100644 index 00000000000..593c659780e --- /dev/null +++ b/advocacy_docs/security/index.mdx @@ -0,0 +1,55 @@ +--- +title: EDB Security +navTitle: EDB Security +hideToC: true +directoryDefaults: + iconName: Security + indexCards: none + hideKBLink: true +navigation: + - vulnerability-disclosure-policy + - advisories +--- + +EDB is committed to a security first approach, from the products we build and the platforms we operate, to the services we provide our customers. Transparency is a core principle for the program and part of this effort includes welcoming incoming reports so that we can address concerns surfaced by our customers or security researchers. You’ll also find it in our advisories, which detail issues found and the required fixes or mitigations needed to keep your data and databases safe. + +## Policies + +*

EDB Vulnerability Disclosure Policy

+This policy outlines how EnterpriseDB handles disclosures related to suspected vulnerabilities within our products, systems, or services. It also provides guidance for those who wish to perform security research, or may have discovered a potential security vulnerability impacting EDB. + +## Advisories + + +
+

CVE-2023-31043

EDB Postgres Advanced Server 10.23.32 to 14.5.0

+Updated: 2023/05/02
+EDB Postgres Advanced Server (EPAS) logs unredacted passwords prior to 14.6.0 +
+
+Summary: EDB Postgres Advanced Server (EPAS) versions before 14.6.0 log unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0. +Read More... +
+ +
+

CVE-2019-10128

PostgreSQL

+Updated: 2022/01/01
+EDB supplied PostgreSQL inherits ACL for installation directory +
+
+Summary: A vulnerability was found in PostgreSQL versions 11.x prior to 11.3. The Windows installer for EDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. +
Read More...
+
+ +
+

CVE-2007-4639

EDB Postgres Advanced Server version 8.2

+Updated: 2018/10/15
+EDB Advanced Server 8.2 improperly handles debugging function calls +
+
+Summary: EDB Postgres Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbg_create_listener, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a pldbg_ function, as demonstrated by (1) pldbg_get_stack and (2) pldbg_abort_target, which triggers use of an uninitialized pointer. +
Read More...
+
+ + + diff --git a/advocacy_docs/security/vulnerability-disclosure-policy.mdx b/advocacy_docs/security/vulnerability-disclosure-policy.mdx new file mode 100644 index 00000000000..89dc59dfbf0 --- /dev/null +++ b/advocacy_docs/security/vulnerability-disclosure-policy.mdx 
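Review bot: The Advisories block in security/index.mdx is a hand copy of advocacy_docs/security/advisories/index.mdx, and the two already differ for CVE-2023-31043 (`versions before 14.6.0 log` here, `before 14.6.0 logs` there), while both index copies of the CVE-2019-10128 summary say `EDB-supplied` where the advisory itself says `EnterpriseDB-supplied`. Maintaining the list in two index pages by hand will keep diverging; either link from this page to the advisories index or render both from one data source. The three empty added lines before the next file header can go.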
@@ -0,0 +1,106 @@ +--- +title: EDB Vulnerability disclosure policy +navTitle: Vulnerability disclosure policy +iconName: Security +hideKBLink: true +--- + +EDB is committed to a security first approach, from the products we build and the platforms we operate, to the services we provide our customers. + + +## Introduction + +This policy outlines how [EnterpriseDB](https://www.enterprisedb.com/) handles disclosures related to suspected vulnerabilities within our products, systems, or services. It also provides guidance for those who wish to perform security research, or may have discovered a potential security vulnerability impacting EnterpriseDB. + + +## Audience + +This policy outlines the procedure for external security researchers, customers, partners, and the wider community to report potential security vulnerabilities. If you believe you have discovered a potential security vulnerability impacting EnterpriseDB, please follow our reporting process set forth below. + + +## Reporting vulnerabilities + +If you have identified a potential security vulnerability, please notify us at [disclosures@enterprisedb.com](mailto:disclosures@enterprisedb.com). + +The following should be included in your message: + +* **Description** - detailed information about the nature of the vulnerability +* **Proof of Concept** - including steps to reproduce the issue, uncompiled source code, and/or screen shots +* **Impact** - the potential impact, and any relevant technical details. +* Remediation recommendations +* References if available + +If, during the course of your research, you suspect you have encountered sensitive information, immediately cease all activities and contact us at [security@enterprisedb.com](mailto:security@enterprisedb.com). + + +## Our commitments + +When a vulnerability report is received, we commit to: + +* Acknowledging receipt of your vulnerability report in a timely manner. +* Validating the reported vulnerability. 
+* Prioritizing and resolving validated vulnerabilities, communicating progress and mitigation actions as appropriate. +* Notifying you when the vulnerability is resolved, where possible. + + +## Safe harbor + +We appreciate the security community’s efforts to help us identify and securely remediate any vulnerabilities that may impact EnterpriseDB or our customers. When you investigate and report vulnerabilities under this policy, we grant you a “safe harbor,” and will not pursue claims against you for any lawful conduct. + + +## Confidentiality + +Please do not share information about the vulnerability with others until we have had reasonable time to address it. If you have discovered a vulnerability, please do not disclose it publicly without our consent. + + +## Rewards + +While we don't have a formal bug bounty program, we recognize and appreciate the valuable role that security researchers play in the discovery and mitigation of vulnerabilities. EnterpriseDB may, at its own discretion, provide rewards for the disclosure of previously unknown vulnerabilities, depending on their severity and impact. + + +## Disclaimer + +While we strive to acknowledge, triage and respond to all reports as quickly as possible, this policy does not constitute a binding agreement. 
+ + +## Out of scope + +The following types of attacks are out of scope and are not eligible for a reward or covered under safe harbor: + +* Brute force attacks such as credential stuffing, dictionary attacks, password spraying and any use of botnets (crawling our sites and services is okay) +* Denial of service attacks such as distributed denial of service, advanced persistent denial of service and certain types of application layer attacks +* Information disclosure that only contains version information unless that information is included in a working proof of concept +* Missing best practices in regards to header configurations, SPF/DKIM/DMARC records and SSL/TLS configurations +* Cross-Site Request Forgery (CSRF) on unauthenticated forms, or forms with no sensitive actions +* Clickjacking on pages with no sensitive actions +* Vulnerabilities that only affect users of outdated or unpatched software or services + + +Thank you for helping to keep [EnterpriseDB](https://www.enterprisedb.com/) and our customers safe! + +By submitting a vulnerability, you acknowledge that you have read and agreed to this policy. + +Please note that this policy may be updated from time to time. Please refer to the latest version before reporting a vulnerability. + + +### Change history + + + + + + + + + + + + +
Date + Description + Version +
July 20th 2023 + Document creation + 1.0 +
+ diff --git a/src/components/footer.js b/src/components/footer.js index 892501692ff..c020ff322fb 100644 --- a/src/components/footer.js +++ b/src/components/footer.js @@ -36,6 +36,10 @@ const Footer = ({ timestamp, githubFileLink }) => ( GDPR · + + Security + + . { return ( - +
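Review bot: In cve202331043.mdx, `* 14.1.0 to 14.5.0` appears twice in the Affected products and versions list; remove the duplicate. In its Remediation table the VRMF and Remediation cells are split across lines (`| EPAS | All versions` / `up to 10.23.32 | ...`); a Markdown table row cannot contain a raw line break, so confirm these are `<br>` tags in the MDX source or join each row onto one line. The release-notes link for 14.6.0 ends in `epas14_6_0_notes/` while the other four follow the `epasNN_N_N_rel_notes/` pattern; verify that URL resolves. `Source: Mitre` should be spelled `MITRE` as in cve20074639.mdx.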
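Review bot: The advisories/index.mdx hunk repeats each advisory's full summary as a third copy (advisory page, this index, security/index.mdx), and the copies have already drifted: its CVE-2019-10128 card says `EDB-supplied` where the advisory says `EnterpriseDB-supplied`. Pull the summaries from the advisory frontmatter or a shared component instead of hand-copying them. The CVE-2023-31043 card is labelled `EDB Postgres Advanced Server 10.23.32 to 14.5.0`, but the advisory's affected range starts at `All versions up to 10.23.32`, so the card understates it.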
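Review bot: The Change history at the end of vulnerability-disclosure-policy.mdx is an HTML table (`Date` / `Description` / `Version` and `July 20th 2023` / `Document creation` / `1.0` as separate cells) under a `###` heading, whereas every advisory in this change uses a Markdown table under `## Change history`; use the same Markdown form and heading level here. In the reporting checklist the bullets are uneven: `Impact` ends with a period and the others do not, and the last two bullets lack the bold label the first three carry. `uncompiled source code` under `Proof of Concept` is redundant; `source code` says the same thing.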
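Review bot: The first footer.js hunk adds a `Security` entry after `GDPR ·`, but the link's `href` is not visible in the extracted lines, so it cannot be confirmed that it points at the new security page (advocacy_docs/security/index.mdx); please check the target, and keep the ` · ` separator pattern consistent between the GDPR and Security entries. The second hunk (`{ return ( - +`) is truncated in this view and could not be reviewed.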