Created SECURITY.md

Added information in SECURITY.md to inform how and when to report security issues

SECURITY.md

@@ -0,0 +1,35 @@
+# Security Policy
+
+## Preamble
+
+Since version 1.0.2, code security scans are done by **Sonar Cloud** as an additional security layer.
+
+[![SonarCloud](https://sonarcloud.io/images/project_badges/sonarcloud-white.svg)](https://sonarcloud.io/summary/new_code?id=Eurobertics_Nebucord)
+
+## Supported Versions
+
+Since it's first full release in version 1.0 all following versions are receiving security update
+released in new versions.
+Please note that versioning is continuous and packages with life-cycles or LTS are not available.
+To keep the latest secure version please use the latest stable release.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| >= 1.0  | :white_check_mark: |
+| < 1.0   | :x:                |
+
+## Reporting a Vulnerability
+
+You can report a Vulnerability by:
+
+- Createing an [Github issue](https://github.com/Eurobertics/Nebucord/issues)
+- Contact us on [Discord](https://discord.gg/fVHmDD3) (We will then create the issue on Github)
+
+When Reporting an security issue, please be specific as possible. At least the following information are mandatory:
+
+- Nebucord version used
+- PHP version used (PHP-CLI and core)
+- OS type and version
+- Client OS type and version if applicable (in case it affects an OS which the API communicates with (bot interactions i. e.))
+- What happens with this Vulnerability
+- Additional information (if applicable)