From 98e773a146f7c3e65af9904a8c77bba1815bced5 Mon Sep 17 00:00:00 2001 From: Varun Lodaya Date: Fri, 7 Jun 2024 21:45:10 +0530 Subject: [PATCH] Updating security reachout email (#204) Signed-off-by: varun-lodaya --- RELEASING.md | 2 +- SECURITY.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/RELEASING.md b/RELEASING.md index 27b4d7ba84f..e0e3bb1cada 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -113,7 +113,7 @@ For the actual steps to build a release, please see [Releasing OpenSearch](https ### Security Reviews -If you discover a potential security issue in this project we ask that you notify the OpenSearch Security Team by email at opensearch-security@amazon.com. Please do not create a public GitHub issue. See [SECURITY.md](SECURITY.md) for more information on the security response process. +If you discover a potential security issue in this project we ask that you notify the OpenSearch Security Team by email at security@opensearch.org. Please do not create a public GitHub issue. See [SECURITY.md](SECURITY.md) for more information on the security response process. The OpenSearch Project currently performs security reviews before releasing signed artifacts. These are typically conducted for any of the following: diff --git a/SECURITY.md b/SECURITY.md index 92696f30a0d..e573b576e00 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -73,7 +73,7 @@ Pre-disclosure list members are allowed to share fixes to embargoed issues, anal ## Pre-disclosure list application process -Organizations who meet the criteria above (i.e. significant work needed post-disclosure to remediate the issue and/or ability to help create or test the potential fixes) should contact the OpenSearch Security Team via email at opensearch-security@amazon.com if they wish to be added to the pre-disclosure list. In the email, you must include: +Organizations who meet the criteria above (i.e. significant work needed post-disclosure to remediate the issue and/or ability to help create or test the potential fixes) should contact the OpenSearch Security Team via email at security@opensearch.org if they wish to be added to the pre-disclosure list. In the email, you must include: * The name of your organization * How you’re using OpenSearch