From 2c12680b1568def344ae049ab67816417d6343c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Jel=C3=ADnek?= <djelinek@redhat.com>
Date: Tue, 5 Mar 2024 11:18:02 +0100
Subject: [PATCH] chore: Create SECURITY.md (#1175)

---
 SECURITY.md | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..258d33317
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,27 @@
+# Security Policy
+
+## Supported Versions
+
+We are supporting only the latest version of ExTester framework package.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| latest   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+If you discover a vulnerability in the ExTester project, we encourage you to report it to us so that we can address it promptly. 
+
+Here's how you can report a vulnerability:
+1. Email the details of the vulnerability to djelinek@redhat.com.
+2. Include as much information as possible about the vulnerability, including steps to reproduce if applicable.
+3. Please do not disclose the vulnerability publicly until we have had a chance to investigate and respond.
+
+### Expectations
+
+- We will acknowledge receipt of your vulnerability report within 3 business days.
+- We will strive to send regular updates on our investigation and planned fix.
+- If the vulnerability is accepted, we will work to address it in a timely manner, based on the severity and complexity.
+- If the vulnerability is declined, we will provide an explanation.
+
+Please note that the safety and security of our users are our top priorities, and we appreciate your cooperation and responsible disclosure.