From c6b07c5ff709e61ca7a40cd46d542aedb629dd14 Mon Sep 17 00:00:00 2001
From: terrymacdonald <terry.macdonald@cosive.com>
Date: Tue, 8 Jun 2021 15:38:55 +1200
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..d181a8e
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+We support the latest version of DisplayMagician, and one version earlier than that.
+
+## Reporting a Vulnerability
+
+Please report a vulneability by [logging an issue here](/issues) and mark it with a **vulnerability** label. Our development team will review it and we will determine whether it is a security vulnerability that we will fix. If we determine we will fix it, we will develop code to fix the vulnerability, and it will be subsequently released as part of a new version of software.
+
+## Bug Bounty
+
+DisplayMagician unfortunately does not operate a bug bounty program, and we are unable to pay out bug bounties for discovered vulnerabilities. We do, however, really appreciate any reports of security vulnerabilities, as we want to make our software safer and more robust.