From 7ce0afa14513e75fffd3a90dedf3f98d72f30597 Mon Sep 17 00:00:00 2001
From: Guillaume Lours <guillaume.lours@docker.com>
Date: Thu, 13 Feb 2020 11:11:53 +0100
Subject: [PATCH] Add a security guide to the repository

Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
---
 SECURITY.md | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..e2eef87
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,9 @@
+# Reporting security issues
+
+The Compse Reference Implementation maintainers take security seriously. If you discover a security issue, please bring it to their attention right away!
+
+### Reporting a Vulnerability
+
+Please **DO NOT** file a public issue, instead send your report privately to security@docker.com.
+
+Security reports are greatly appreciated and we will publicly thank you for it, although we keep your name confidential if you request it. We also like to send gifts—if you're into schwag, make sure to let us know. We currently do not offer a paid security bounty program, but are not ruling it out in the future.
\ No newline at end of file