Create SECURITY.md
This commit is contained in:
parent
dc99797f7b
commit
afc7c40975
26
SECURITY.md
Normal file
26
SECURITY.md
Normal file
@ -0,0 +1,26 @@
|
||||
# Security Policy
|
||||
|
||||
## Supported Versions
|
||||
|
||||
CyberChef is supported on a best endeavours basis. Patches will be applied to
|
||||
the latest version rather than retroactively to older versions. To ensure you
|
||||
are using the most secure version of CyberChef, please make sure you have the
|
||||
[latest release](https://github.com/gchq/CyberChef/releases/latest). The
|
||||
official [live demo](https://gchq.github.io/CyberChef/) is always up to date.
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
In most scenarios, the most appropriate way to report a vulnerability is to
|
||||
[raise a new issue](https://github.com/gchq/CyberChef/issues/new/choose)
|
||||
describing the problem in as much detail as possible, ideally with examples.
|
||||
This will obviously be public. If you feel that the vulnerability is
|
||||
significant enough to warrant a private disclosure, please email
|
||||
[oss@gchq.gov.uk](mailto:oss@gchq.gov.uk) and
|
||||
[n1474335@gmail.com](mailto:n1474335@gmail.com).
|
||||
|
||||
Disclosures of vulnerabilities in CyberChef are always welcomed. Whilst we aim
|
||||
to write clean and secure code free from bugs, we recognise that this is an open
|
||||
source project written by analysts in their spare time, relying on dozens of
|
||||
open source libraries that are modified and updated on a regular basis. We hope
|
||||
that the community will continue to support us as we endeavour to maintain and
|
||||
develop this tool together.
|
Loading…
Reference in New Issue
Block a user