Add SECURITY.md

To-om · To-om · commit 619a70fb70f3 · 2022-06-22T17:57:16.000+02:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,28 @@
+# StrangeBee Security Policies 
+
+At [StrangeBee](https://www.strangebee.com) we take the security our software and services seriously, including following applications and projects: 
+- TheHive (TheHive 5, and [previous open source version](https://github.com/TheHive-Project/TheHive))
+- [Cortex](https://github.com/TheHive-Project/Cortex)
+- [Cortex-Analyzers](https://github.com/TheHive-Project/Cortex-Analyzers)
+
+## Reporting a vulnerability
+If you believe you have found a security vulnerability in our applications and services (TheHive, Cortex, Cortex-Analyzers ...), report it to us.
+
+**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
+
+Instead, please send security vulnerabilities by emailing the StrangeBee Security team: 
+
+```
+security[@]strangebee.com
+``` 
+
+In this email, please include as much information as possible that can help us better understand and resolve the issue:
+- Application and version
+- Special configuration and usage required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Exploit code is any
+- Impact of the issue
+
+This will be very useful and help us triage your report more quickly.
+
+More information regarding our Security policies and Advisories can be found here: [https://github.com/StrangeBeeCorp/security]().
