Create SECURITY.md for reporting security issues

Pmayors · web-flow · commit 96d07109e9d0 · 2025-11-13T11:33:09.000+01:00
Added a security policy document outlining the process for reporting security bugs in Hyperledger projects.

Signed-off-by: Pmayors &lt;mayowalawal692@gmail.com&gt;
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,9 @@
+# Hyperledger Security Policy
+
+## Reporting a Security Bug
+
+If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to hear from you. We will take all security bugs seriously and if confirmed upon investigation we will patch it within a reasonable amount of time and release a public security bulletin discussing the impact and credit the discoverer.
+
+In order to report a security bug please email a description of the flaw and any related information (e.g. reproduction steps, version) to [security at hyperledger dot org](mailto:security@hyperledger.org).
+
+The process by which the Hyperledger Security Team handles security bugs is documented further in our [Defect Response page](https://wiki.hyperledger.org/display/SEC/Defect+Response) on our [wiki](https://wiki.hyperledger.org).
