Merge pull request #157 from kumahq/chore/upgrade-githubfiles

ci(.github): automatic sync of files in kumahq/.github
kumahq · Dec 23, 2022 · b3f5a98 · b3f5a98
2 parents 510ec77 + 6405842
commit b3f5a98
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -2,10 +2,12 @@
 
 ## Reporting Vulnerabilities
 
-Please report security vulnerabilities by e-mailing:
+We use Github's Security advisories for reporting security vulnerabilities.
 
-* [[email protected]](mailto:[email protected])
+You can open a private report in the [advisories section](https://github.com/kumahq/kuma/security/advisories).
+
+To learn more about this reporting checkout the [Github docs](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
 
 ## Public Disclosure
 
-Security vulnerabilities will be disclosed via release notes and issues with severity score higher than [4.0](https://www.first.org/cvss/calculator/3.1) will have an advisory published.
+Security vulnerabilities will be disclosed via release notes, issues and Github advisories with severity score higher than [4.0](https://www.first.org/cvss/calculator/3.1) will have an advisory published.