Merge pull request #4 from CodeByBryant/CodeByBryant-patch-1

Bryant Ejorh · web-flow · commit b00b6e970b83 · 2024-12-27T16:22:21.000-08:00
Create SECURITY.md
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,38 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in **EvoSquares**, please help us address it responsibly by following these steps:
+
+1. **Do Not Open a Public Issue**:  
+   To protect users of the project, avoid discussing vulnerabilities publicly in the issue tracker or elsewhere.
+
+2. **Contact Us Directly**:  
+   Go to the Security tab under the repository name and click on 'Report a vulnerability'
+   - A detailed description of the vulnerability.
+   - Steps to reproduce the issue.
+   - Any relevant code or screenshots.
+
+3. **Responsible Disclosure**:  
+   Please allow us time to address the issue before making any details public. We greatly appreciate your cooperation in protecting the integrity and security of this project.
+
+---
+
+## Scope of Security
+
+We are primarily concerned with vulnerabilities that:
+- Allow unauthorized access to user data.
+- Enable denial-of-service (DoS) attacks.
+- Cause unintended behavior that could affect data integrity or system stability.
+
+---
+
+## Security Best Practices
+
+To ensure your own security while contributing to EvoSquares, follow these guidelines:
+- Keep your local development environment updated.
+- Avoid committing sensitive information, such as API keys or personal data, to the repository.
+
+---
+
+Thank you for helping us maintain the security of **EvoSquares**!
