From bdb9300a46f5ce12664300858b90bd5493f6007d Mon Sep 17 00:00:00 2001
From: Joseph Sirianni <joe.sirianni@observiq.com>
Date: Thu, 15 Aug 2024 10:07:48 -0400
Subject: [PATCH] Enable vulnerability reporting (#51)

---
 SECURITY.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..0eb6f00
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,14 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you find something suspicious and want to report it, we'd really appreciate!
+
+### Ways to Report
+
+In order for the vulnerability reports to reach maintainers as soon as possible, the preferred way is to use the
+`Report a vulnerability button` on the `Security` tab in the respective GitHub repository. It creates a private
+communication channel between the reporter and the maintainers.
+
+If you are absolutely unable to or have strong reasons not to use GitHub reporting workflow, please send an email
+to support@observiq.com.