This document outlines security procedures and policies for the EndpointScripts repository.

We take all security vulnerabilities seriously. Thank you for improving the security of our open source software. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.

Report security vulnerabilities by raising a new issue and tagging it with a security tag. The lead maintainer will acknowledge issue request with a comment outlining the next steps in handling your report. After the initial reply to your report, the security team will endeavor to keep you informed of the progress towards a fix, and may ask for additional information or guidance.

When we receives a security bug report we will:

1. Confirm the problem and determine the affected artefacts.
2. Audit code to find any potential similar problems.
3. Prepare fixes for artefacts still under maintenance.
4. Publish fixes as soon as possible to this repository.