From ffd7579476a78ca3d590bea9746df35bde619d81 Mon Sep 17 00:00:00 2001
From: Fredrik Svantes <fredrik@ethereum.org>
Date: Fri, 10 Sep 2021 05:13:09 +0200
Subject: [PATCH] Add how users should report security vulnerabilities for this
 repository (#9525)

* Add how users should report security vulnerabilities for this repository

Suggestion to add a notice on how to report security vulnerabilities. This is visible at https://github.com/prysmaticlabs/prysm/security

* Add correct email

Co-authored-by: Nishant Das <nish1993@hotmail.com>

* Update SECURITY.md

Co-authored-by: Nishant Das <nish1993@hotmail.com>
Co-authored-by: terence tsao <terence@prysmaticlabs.com>
Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com>
Co-authored-by: Nishant Das <nishdas93@gmail.com>
---
 SECURITY.md | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..02002e08f
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,11 @@
+# Security Policy
+
+## Supported Versions
+
+[Releases](https://github.com/prysmaticlabs/prysm/releases/) contains all available releases. We recommend using the [most recently released version](https://github.com/prysmaticlabs/prysm/releases/latest).
+
+## Reporting a Vulnerability
+
+Please see our signed [security.txt](https://github.com/prysmaticlabs/prysm/blob/develop/.well-known/security.txt) for preferred encryption and reporting destination.
+
+**Please do not file a public ticket** mentioning the vulnerability, as doing so could increase the likelihood of the vulnerability being used before a fix has been created, released and installed on the network.