From 619a70fb70f3633ed9b6f3c313b64d3d64b045f7 Mon Sep 17 00:00:00 2001 From: To-om Date: Wed, 22 Jun 2022 17:57:16 +0200 Subject: [PATCH] Add SECURITY.md --- SECURITY.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..8fef7c7a8 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,28 @@ +# StrangeBee Security Policies + +At [StrangeBee](https://www.strangebee.com) we take the security our software and services seriously, including following applications and projects: +- TheHive (TheHive 5, and [previous open source version](https://github.com/TheHive-Project/TheHive)) +- [Cortex](https://github.com/TheHive-Project/Cortex) +- [Cortex-Analyzers](https://github.com/TheHive-Project/Cortex-Analyzers) + +## Reporting a vulnerability +If you believe you have found a security vulnerability in our applications and services (TheHive, Cortex, Cortex-Analyzers ...), report it to us. + +**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** + +Instead, please send security vulnerabilities by emailing the StrangeBee Security team: + +``` +security[@]strangebee.com +``` + +In this email, please include as much information as possible that can help us better understand and resolve the issue: +- Application and version +- Special configuration and usage required to reproduce the issue +- Step-by-step instructions to reproduce the issue +- Exploit code is any +- Impact of the issue + +This will be very useful and help us triage your report more quickly. + +More information regarding our Security policies and Advisories can be found here: [https://github.com/StrangeBeeCorp/security]().