From 74fc35ad2c70154e1ce140ee0b5a2beed2f19207 Mon Sep 17 00:00:00 2001
From: Jay <jennifer.brawn@gmail.com>
Date: Wed, 8 Jan 2025 11:58:19 -0500
Subject: [PATCH] Create security-research-policy.md

---
 src/pages/security-research-policy.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 src/pages/security-research-policy.md

diff --git a/src/pages/security-research-policy.md b/src/pages/security-research-policy.md
new file mode 100644
index 0000000..ee28a0b
--- /dev/null
+++ b/src/pages/security-research-policy.md
@@ -0,0 +1,21 @@
+# Storacha Security Research Policy
+
+## Overview
+Our security research program is private and invitation-only. We do not accept unsolicited vulnerability reports or offer rewards for unrequested security research. 
+
+## Important Notice
+- All security testing must be pre-authorized in writing
+- Unauthorized security testing is prohibited
+- We do not provide bug bounties or rewards for unsolicited findings
+- Unauthorized testing may violate our Terms of Service and applicable laws
+
+## Reporting Security Issues
+1. Do not conduct any further testing
+2. Do not exploit the vulnerability
+3. Contact support@storacha.network
+4. Wait for explicit written authorization before any further action
+
+## Legal Notice
+Any unauthorized security testing, vulnerability scanning, or penetration testing of our systems is strictly prohibited and may result in legal action. We reserve all rights to pursue appropriate remedies against unauthorized security testing.
+
+Contact: support@storacha.network