From 6211c97d7235b7cc08a8a4b7b8409906d6415a83 Mon Sep 17 00:00:00 2001
From: Greg Methvin <greg@methvin.net>
Date: Sat, 15 Nov 2025 14:47:42 -0800
Subject: [PATCH] Add security policy

---
 SECURITY.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..495ddcb
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Reporting Security Vulnerabilities
+
+Iterable is committed to maintaining the security and privacy of our software and customer data. We value the security research community's contributions to identifying and addressing potential vulnerabilities.
+
+If you discover a security vulnerability in this project, please report it in accordance with Iterable's Responsible Disclosure Policy:
+
+**[https://iterable.com/legal/responsible-disclosure-policy/](https://iterable.com/legal/responsible-disclosure-policy/)**
+
+The policy includes:
+
+- Responsible disclosure guidelines
+- Reporting procedures and submission form
+- Response timelines and expectations
+- Recognition and acknowledgements
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+For questions please contact **security@iterable.com**.
+