Create SECURITY.md

SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+To learn about Cisco security vulnerability disclosure policies and publications, access the [Cisco Security Vulnerability Policy](https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html). This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
+
+https://www.cisco.com/go/psirt
+
+## Reporting a Vulnerability
+
+Individuals or organizations that are experiencing a product security issue are strongly encouraged to contact the Cisco PSIRT. Cisco welcomes reports from independent researchers, industry organizations, vendors, customers, and other sources concerned with product or network security. The minimal data needed for reporting a security issue is a description of the potential vulnerability.
+
+Please contact the Cisco PSIRT using one of the following methods.
+
+Emergency Support
+Phone	+1 877 228 7302 (toll-free within North America)  
++1 408 525 6532 (International direct-dial)
+Hours	24 hours a day, 7 days a week
+
+
+Nonemergency Support
+Email	psirt@cisco.com
+Hours	Support requests that are received via email are typically acknowledged within 48 hours. Ongoing status on reported issues will be determined as needed.
+
+
+Cisco encourages the encryption of sensitive information that is sent to Cisco in email messages. The Cisco PSIRT supports encrypted messages via PGP/GNU Privacy Guard (GPG). The Cisco PSIRT public key is available at the following link:  https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html#cpsir
+
+