Revise security policy and reporting guidelines

Updated the security policy to include Git Action scanning and revised vulnerability reporting guidelines.

Author: douglasdcm

SECURITY.md

@@ -0,0 +1,12 @@
+# Security Policy
+There is a job in Git Action that scans the code weekly. But, if you find a non-reported vulnerability, please, report it.
+
+## Reporting a Vulnerability
+
+Use issues to report a new security vulnerability.
+
+New security issue should follow these guidelines when being created on `GitLab.com`:
+- Always label as ``security`` at a minimum.
+- Add any additional labels you know apply. It will help with
+the triage process:
+- If possible avoid send customer specific data or any sensitive data.