From d6656f3ed47da3d41c40d2289c2e133127853a55 Mon Sep 17 00:00:00 2001
From: Andreas Falk <info@andreas-falk.de>
Date: Mon, 9 Oct 2023 12:09:13 +0200
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..ebae59a
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+This is just an application for demo purposes. Therefore no support for any versions is provided here.
+
+## Reporting a Vulnerability
+
+Our organization takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.
+
+To report a security issue, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/andifalk/supply-chain-security/security/advisories/new) tab.
+
+The team will send a response indicating the next steps in handling your report. After the initial reply to your report, the security team will keep you informed of the progress toward a fix and a full announcement 
+and may ask for additional information or guidance.
+
+Report security bugs in third-party modules to the person or team maintaining the module.